Exhibtr API uses the OAuth 2.0 protocol for simple but effective authentication and authorization. OAuth 2.0 is much easier to use than previous schemes so you are able to start using the Exhibtr API almost immediately!
Do you need to authenticate?
The majority of Exhibtr's API requires only the use of a client_id to perform a request. A client_id simply associates your application with your website, script or program. However, some requests to the Exhibtr API do require authentication - requests made on behalf of a user which create, update or delete content on the site. These requests require an access_token which are unique to a user and should be stored securely.
In most situation you will not need to authenticate usrs at all. For instance you may perform a search query to request pieces of work off Exhibtr which match your search term without authenticating (i.e. without providing an access_token). For these requests just provide your client_id with the request and this will be sufficient. Authentication (requests made with an access_token) is only required in instances where your application is making requests on behalf of a user and creating, updating or deleting content or information on the site, such as commenting, liking or performing uploads.
Receiving an access_token
In order to receive an access_token, you must do the following:
The ability to receive an access_token for a user is coming soon!