Our APIs utilize Basic Authentication to specify user credentials for authentication and authorization. This header must be present for all API requests, or else an authentication error will be returned.

The credentials should be submitted using Basic Authentication over the HTTPS URL. Most programming languages have built-in libraries to support Basic Authentication, but here's a brief description of how the header is constructed:

1. Combine the username and password into a string "USERNAME:PASSWORD".
2. Encode the resulting string using Base64.
3. Add the Authorization HTTP header and set the value to "Basic " (including the space), plus the encoded string.
   For example, if the username is 'VIBESUSER' and the password is "PASSWORD123", then the header is as follows:

Authorization: Basic VmliZXNVc2VyOlBhc3N3b3JkMTIz

Client Certificate Authentication

Vibes supports Client Certificate Authentication as an extra layer of security for API calls, which can be used for Vibes Connect Message Originated (MO) and Delivery Receipts (DLR) callbacks.

For more information, please see our article on Client Certificate Authentication.