Only show these results:

Authorizing API Requests

Once you've successfully connected an email account using one of the authentication methods, you'll have an <ACCESS_TOKEN> that allows you to pull email, contact, and calendar data for that email account. This article will cover each authentication method using the <ACCESS_TOKEN>.

Bearer Authentication

Bearer authentication requires the <ACCESS_TOKEN> for authentication.

curl -X GET -H 'Authorization: Bearer <ACCESS_TOKEN>' 'https://api.nylas.com/account'

Basic Authentication

You can use basic authentication for every Nylas endpoint. Basic authentication requires the <CLIENT_SECRET:> to be base 64 encoded. The client secret is followed by a colon, :.

curl --request POST \
  --url https://api.nylas.com/a/<CLIENT_ID/accounts/<ACCOUNT_ID/downgrade \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json'
  -u "<CLIENT_SECRET>:"

The endpoints that require basic authentication are:

Base64 Encode

You can encode the <CLIENT_SECRET> using echo -n "CLIENT_SECRET:" | base64. The username is the <CLIENT_SECRET> or <ACCESS_TOKEN>. The password is not included.

$ echo ‘d57963d558d1:’ | base64
4oCYZDU3OTYzZDU1OGQxOmIzNTU5MmU1MTAxNuKAmQo=

Then replace the <CLIENT_SECRET> with the base64 string that is returned when making API requests.

Deciding Which to Use

Each endpoint includes a list of the authentication types. In general, we recommend you use Bearer Authentication.

SDK Authentication

SDK's require you to have the <CLIENT_ID>, <CLIENT_SECRET> and <ACCESS_TOKEN> passed in. Store these as environment variables.

  require 'nylas'

  nylas = Nylas::API.new(
    app_id: '<CLIENT_ID>', 
    app_secret: '<CLIENT_SECRET>', 
    access_token: '<ACCESS_TOKEN>')
  # Access tokens should be secured securely in your database.

  # Print the user account
  puts nylas.current_account   
  const Nylas = require('nylas');

  Nylas.config({
    appId: '<CLIENT_ID>',
    appSecret: '<CLIENT_SECRET>',
  });

  const nylas = Nylas.with('<ACCESS_TOKEN>');
  // Access tokens should be secured securely in your database.

  // Print the user account
  nylas.account.get().then(account => console.log(account));   
  from nylas import APIClient

  nylas = APIClient(
    '<CLIENT_ID>', 
    '<CLIENT_SECRET>',
    '<ACCESS_TOKEN>'
  )
  # Access tokens should be secured securely in your database.

  # Print the user account
  print(nylas.account)

What's Next?