Backend API and Oplog API HTTP Authentication

This article covers how to authenticate requests when integrating with the JourneyApps Backend API or Oplog API.


To find the basic authentication credentials or to generate new tokens please follow these steps to navigate to the Manage API page on the Backend Databrowser:

  1. Open the Backend Databrowser for the instance you want to integrate with
  2. Select the dropdown icon next to your name (top left)
  3. If needed, Elevate permissions and capture a reason. The page will refresh thereafter
  4. If you completed step 3, select the dropdown icon again (top left)
  5. Select Manage API

You should see the following page:


The BackendAPI and Oplog API support two methods of authenticating HTTP requests. All the sample code below is written in JavaScript.


  1. This is a combination of the username + password as a base64 encoded string.
  2. This is an aged method of authentication and it is not recommended. If the username and password are compromised then you’ll need to disable basic auth and you need to use token authentication instead.

Here is a code snippet showing an example of Basic Authentication:

function genratBasicAuth () {
   const username = "username"; // Get the username from the Manage API page on the backend instance
   const password = "password"; // Get the password from the Manage API page on the backend instance
   const base64String = Buffer.from(username + ':' + password).toString('base64');
   const authHeader = `Basic ${base64String}`;
   return authHeader;

function run () {
   const httpConfig = {
       "method": "GET",
       "headers": {
           "Content-Type": "application/json",
           "Authorization": genratBasicAuth()

Note that if you disable username and password credentials, it cannot be undone and you’ll need to use token-based authentication.

Authentication Token

  1. This uses a token that can be generated in the Manage API page on the backend instance.
  2. This is the recommended method of authentication as you can revoke tokens as needed and many can be created.

Here is a code snippet showing an example of Token Authentication:

const config = {
    "method": "GET",
    "headers": {
        "Content-Type": "application/json",
        "Authorization": `Bearer ${token}`

Next: Learn more about Integrating with the JourneyApps Platform.

1 Like