Skip to main content

Authenticating custom requests

Whenever you interact with the WPCS API, you have to authenticate your requests.


The WPCS API supports Basic Auth. This means that your request requires an Authorization header with your API key and secret in a base 64 encoded string.

Manually setting up the Auth header

For example, let's say your API key is 11111111-2222-3333-4444-111111111111 and your API secret is some-generated-secret. You would base 64 encode the string 11111111-2222-3333-4444-111111111111:some-generated-secret (note the colon in between the key and secret). The value of your Authorization header would be:


Note that the base 64 encoded string is prefixed with Basic and a space!


If you are using something like Postman to test requests, you can input the API key and secret in the Authorization section. Whenever filling out forms like this (you will find the same in services like Zapier and, the API key should be filled in the username field and the API secret is used in the password field.