Authentication in the Bokio API is dependent to the type of integration you are building. All APIs are using Bearer token as the authorization mechanism, but the origin of the token is different.
- Private integrations use a token generated in the Bokio app, see Authentication for Private integrations
- Public Integrations use access tokens from OAuth 2.0 grants, see Authentication for Public Integrations (OAuth)
Handling of secrets
Ensure that you handle your tokens and other secrets securely and avoid storing them in sensitive files or sharing them in public repositories or client-side code.