Skip to main content

Authentication

The Loaded API is secured using bearer tokens which should be submitted as an Authorization HTTP header on each request you make. To send requests to the API you'll first need to get a valid access token from our OAuth2 authorization server. Details of how to do this, and the credentials to use will be shared with you by Loaded.

Once you've got a bearer token you simply need to provide it as a header when the request is sent. Here's an example that would return all Staff Members for the company the bearer token is bound to:

curl \
  -H '"Authorization=Bearer {token}"' \
  https://api.loadedreports.com/v1/pos/staffmembers
tip

Note that you will need individual API credentials for each Loaded company that you wish to send data to. That is, the credentials you use are tied to a specific company.

Be aware that our authorization server is different to the API service you'll be sending requests to with the token you've negotiated. Where possible Loaded recommends that you use an OAuth2 client library for retrieving tokens, we can however provide details of how to hand-craft the correct request if required - just ask.