Authentication

The Lightyshare API uses token-based authentication to secure all API requests.

API Tokens

All API requests require authentication using an API token. You can obtain your API token from your Lightyshare dashboard.

Using Bearer Token (Recommended)

Include your API token in the Authorization header:

curl -H "Authorization: Bearer YOUR_API_TOKEN" \
     https://lightyshare.com/api/token-secured/rental/123

Using Query Parameter (Legacy)

For backward compatibility, you can also pass the token as a query parameter:

curl "https://lightyshare.com/api/token-secured/rental/123?token=YOUR_API_TOKEN"

Token Security

Keep your token secure: Never expose your API token in client-side code or public repositories
Token rotation: Regularly rotate your API tokens for enhanced security
Scope: Each token is tied to a specific user account and has access to that user’s resources only

Error Responses

Invalid Token (401 Unauthorized)

{
  "error": "Invalid or missing token"
}

Access Denied (403 Forbidden)

{
  "error": "Access denied to this resource"
}

Best Practices

Use environment variables to store your API tokens
Implement proper error handling for authentication failures
Use HTTPS for all API requests
Monitor token usage through your dashboard

Getting Started

Rentals

Products

Bundles

Authentication

Authentication

API Tokens

Using Bearer Token (Recommended)

Using Query Parameter (Legacy)

Token Security

Error Responses

Invalid Token (401 Unauthorized)

Access Denied (403 Forbidden)

Best Practices

Getting Started

Rentals

Products

Bundles

​Authentication

​API Tokens

​Using Bearer Token (Recommended)

​Using Query Parameter (Legacy)

​Token Security

​Error Responses

​Invalid Token (401 Unauthorized)

​Access Denied (403 Forbidden)

​Best Practices

Authentication

API Tokens

Using Bearer Token (Recommended)

Using Query Parameter (Legacy)

Token Security

Error Responses

Invalid Token (401 Unauthorized)

Access Denied (403 Forbidden)

Best Practices