Kissmetrics Query API validates all requests to ensure they are authorized to take the actions requested.

Requests issued against the Kissmetrics Query API must include an authorization header. Kissmetrics Query API validates all requests to ensure that requests are authorized to take the actions requested. If you omit an authorization header or supply an invalid authorization header, Kissmetrics Query API will respond with the following:

{
  "status": 401,
  "messages": [
    "Unauthenticated."
  ]
}

If you are supplying appropriate credentials, but you are not authorized to take the requested actions,
Kissmetrics Query API will respond with the following:

{
  "status": 403,
  "messages": [
    "You are not authorized to access this page."
  ]
}

To successfully authorize each request, you'll need to provide a BASE64-encoded string of your credentials in the form username:password to the Authorization header.

$ echo -n "support@kissmetrics.io:MyPassword123" | base64
> c3VwcG9ydEBraXNzbWV0cmljcy5jb206d3V0YW5nMTIz

To the resulting string, add the "Basic " prefix:

Authorization: Basic c3VwcG9ydEBraXNzbWV0cmljcy5jb206d3V0YW5nMTIz

For curl requests, the header may be included as such:

curl --header 'Authorization: Basic c3VwcG9ydEBraXNzbWV0cmljcy5jb206d3V0YW5nMTIz'