Skip to main content
All CollectionsApps, Tools & Integrations
Authenticating API Requests for The Layer
Authenticating API Requests for The Layer
Nick Kewney avatar
Written by Nick Kewney
Updated over a week ago


Welcome to the developer guide for authenticating API requests for The Layer's API, located at Our API is designed to be secure, efficient, and easy to use. This guide will walk you through the process of using two authentication tokens to authenticate your API requests.

Understanding the Authentication Process

Our API uses a dual-token authentication mechanism to enhance security. Every API request must include two header tokens: Token1 and Token2. These tokens ensure that the request is authorised and secure.


Token1 is your primary authentication token. This token is unique to your account and should be kept confidential.


Token2 serves as a secondary layer of authentication.

Obtaining Your Tokens

Before you can authenticate your API requests, you need to obtain your Token1 and Token2. Here's how you can do it:

  1. Create New Application: Create a new application on The Layer for your use case

  2. Generate Tokens: Create the new tokens for the user

Making an Authenticated Request

Once you have both tokens, you can make authenticated requests to our API. Here's a basic example of what an authenticated request looks like:

GET /api/your-endpoint Headers: Token1: your-token1-value Token2: your-token2-value

Replace your-token1-value and your-token2-value with your actual token values.

Best Practices for Token Security

  • Keep your tokens secure: Treat your tokens like passwords. Do not share them publicly or with unauthorized individuals.

  • Store tokens securely: Store your tokens in a secure environment. Avoid hardcoding them in your application.

Troubleshooting Common Issues

  • **Invalid or expired tokens: If you receive errors regarding invalid or expired tokens, ensure that Token1 is still valid and that Token2 is up-to-date.

  • Missing tokens: Ensure that both Token1 and Token2 are included in the header of every API request. Missing any of the tokens will result in authentication failure.

  • Permission errors: If you encounter permission-related errors, verify that your tokens are associated with the correct level of access for the requested resources.


Authenticating your API requests with Token1 and Token2 ensures secure access to The Layer's services. By following the guidelines outlined in this document, you can confidently integrate our API into your applications.

Did this answer your question?