Create, read, update, or delete authorizations (API keys)

The Authorizations API provides access to your authorizations (API keys). Authorizations can be created (POST) via HTTP Basic authentication using your Fulcrum username and password. Other methods require authentication via an API key as either an HTTP request header or query string parameter.

The Authorizations API can be used to create client side applications that do not expose your API key in source code. A username and password can be exchanged for a temporary, or non-expiring API key for use with other API endpoints.


Method Endpoint Description
GET /api/v2/authorizations.json Fetch the authorizations for your membership.
GET /api/v2/authorizations/:id.json Fetch a single authorization.
POST /api/v2/authorizations.json Create an authorization. Requires Basic authentication
PUT /api/v2/authorizations/:id.json Update an authorization.
DELETE /api/v2/authorizations/:id.json Delete an authorization.



Below is an example of using jQuery to create an expiring authorization in a client side application.

var email = '';
var password = 'password';

var data = {
  authorization: {
    organization_id: 'dfdad810-373e-491b-b074-4022acd956cb',
    note: 'Some Application Name',
    timeout: 3600

  url: '',
  type: 'POST',
  data: JSON.stringify(data),
  dataType: 'json',
  contentType: 'application/json',
  headers: {
    'Authorization': 'Basic ' + window.btoa(email + ':' + password)
  success: function (data) {
    console.log('Token is ' + data.authorization.token);
  statusCode: {
    401: function() {
      window.alert('Incorrect credentials, please try again.');

Valid Authorization Response

  "authorization": {
    "note": "My API key",
    "expires_at": "2017-04-11T19:13:58.156Z",
    "timeout": 3600,
    "token": "1cd5ea4c893bb3bb4e3b570ada9042ce7a0c7e1980002e5368a0eb0fdeb0f6faf114968d71ce9884",
    "id": "38d0f9f7-dc39-47a6-80db-a15cfc998d7f"