Skip to content

Authentication

Authentication in the Content Island REST API is done using an access token that must be included in every API request in the Authorization header. This token is used to identify the project and ensure that only authorized users can access the data.

shell
curl https://api.contentisland.net/api/1.0/contents --header 'Authorization: Bearer YOUR_ACCESS_TOKEN'

Read token vs Write token

Each project exposes two independent tokens. Both are sent in the Authorization: Bearer <token> header, but they grant different permissions:

Token typeHeader valueAllowsPlan
Read tokenAuthorization: Bearer READ_TOKENGET on /content, /contents, /contents/size, …All plans
Write tokenAuthorization: Bearer WRITE_TOKENPOST / PUT on /content (create, update, publish) and POST /resource/upload (file uploads)Solo and up

Calling a write endpoint with a read token returns 403 Forbidden.