Version:
Only show these results:

Authorizing API requests in Nylas v2

Once you've successfully connected an email account using one of the authentication methods, you'll have an <ACCESS_TOKEN> that allows you to pull email, contact, and calendar data for that email account. This article will cover each authentication method using the <ACCESS_TOKEN>.

Bearer Authentication

Bearer authentication requires the <ACCESS_TOKEN> for authentication:

curl -X GET -H 'Authorization: Bearer <ACCESS_TOKEN>' 'https://api.nylas.com/account'

Basic Authentication

You can use basic authentication for every Nylas endpoint. Basic authentication requires the <NYLAS_CLIENT_SECRET:> to be base 64 encoded. Make sure to put a colon after the <NYLAS_CLIENT_SECRET:> as shown below:

curl --request POST \
  --url https://api.nylas.com/a/<NYLAS_CLIENT_ID/accounts/<NYLAS_ACCOUNT_ID>/downgrade \
  --header 'Accept: application/json, application/gzip' \
  --header 'Content-Type: application/json'
  -u "<NYLAS_CLIENT_SECRET>:"

The endpoints that require basic authentication are:

Base64 Encoding

You can encode the <NYLAS_CLIENT_SECRET> using the command echo -n "NYLAS_CLIENT_SECRET:" | base64. The username is the <NYLAS_CLIENT_SECRET> or <NYLAS_ACCESS_TOKEN>. The password is not included. An example of the command is shown below:

$ echo ‘d57963d558d1:’ | base64
4oCYZDU3OTYzZDU1OGQxOmIzNTU5MmU1MTAxNuKAmQo=

Once you've run this command, replace the <NYLAS_CLIENT_SECRET> with the base64 string that is returned when you make API requests.

Deciding Which Method of Authentication to Use

Each endpoint includes a list of the authentication types. We generally recommend using Bearer Authentication.

SDK Authentication

SDK's require that you pass in the <NYLAS_CLIENT_ID>, <NYLAS_CLIENT_SECRET> and <ACCESS_TOKEN>. Make sure to store these as environment variables. Example of SDKs are shown below:

require 'nylas'

nylas = Nylas::API.new(
  app_id: '<NYLAS_CLIENT_ID>', 
  app_secret: '<NYLAS_CLIENT_SECRET>', 
  access_token: '<ACCESS_TOKEN>')
# Access tokens should be secured securely in your database.

# Print the user account
puts nylas.current_account   
const Nylas = require('nylas');

Nylas.config({
  appId: '<NYLAS_CLIENT_ID>',
  appSecret: '<NYLAS_CLIENT_SECRET>',
});

const nylas = Nylas.with('<ACCESS_TOKEN>');
// Access tokens should be secured securely in your database.

// Print the user account
nylas.account.get().then(account => console.log(account));   
from nylas import APIClient

nylas = APIClient(
    '<NYLAS_CLIENT_ID>', 
    '<NYLAS_CLIENT_SECRET>',
    '<ACCESS_TOKEN>'
)
# Access tokens should be secured securely in your database.

# Print the user account
print(nylas.account)

What's Next?