Experience Level
This core reference entry is suited for advanced-level builders.
In-depth articles
In-depth articles
To learn about this topic more in-depth, we recommend reading the suggested articles below:
Bubble also supports other ways to authenticate incoming requests:
Postman Collection
Postman Collection
Bubble offers a Postman collection. This collection is specifically designed to help developers understand and experiment with the various API functionalities available in Bubble.
External page: Bubble Postman collection
Authenticating as an admin
Using an API Token gives a client full administrator access to your database. This means that privacy rules are ignored and the client gets the same access level that an admin gets in the Bubble editor.
To generate an API token go to Settings - API and click the ‘Generate a new API token’ button. This will generate a 32-character token consisting of a combination of numbers and letters. To use the token in an API request, include it in the Authorization header of the request as a bearer token:
Authorization: Bearer <token>
API token label
The API Token Label field lets you give each API Token a descriptive name. The label is visible only in the Bubble editor and does not affect the Data API in any way.
Private key
This is the 32-character token used by the client to authenticate.
Regenerate private key
Clicking this button will generate a new API token using the same label. Note that the new token will replace the old one. If you want to create an additional new token, use the ‘Generate a new API token’ button instead.
Authenticating as a user
Authenticating as a User gives a client access to your database with the same privileges as that User has, as defined in the privacy rules.
To authenticate as a User, set up an API Workflow with a ‘Log the User in’ action. Bubble will return a token in the JSON that can be used for subsequent calls.