Authentication

👍

Authentication Quickstart

Simply add a header of apikey: [[app:key]] to all requests

All API calls to the https://api.triathlon.org endpoint require authentication. Once you have obtained an access key you must send this key as the value of an apikey key/value pair in the header of every request. The below code illustrates the request with cURL.

curl --header "apikey: [[app:key]]" https://api.triathlon.org/v1/athletes/5895
  • The API is only available over SSL to avoid exposing access credentials.
  • Any non-SSL requests will respond with a 301 redirection header to the SSL version of the call.
  • Unauthenticated and unauthorised requests will respond with a 401 response code.

Cross Origin Resource Sharing (CORS)

The API is CORS enabled meaning that you are free to directly use the responses but care should be taken to conceal the API keys.


What’s Next