Use the MMAP API

When authentication is enabled, your application must send a user's API token in each request it makes to the MMAP API on their behalf.

Your application can obtain an API token for a user through the /authenticate endpoint. Your application sends an HTTP POST request to the endpoint, using HTTP Basic Authentication to provide the user's name and password. MMAP sends a request to IDOL Community to verify the credentials and retrieve the user's roles. If authentication is successful then MMAP returns the API token. The response from MMAP also includes a cookie named mmap_auth that contains the API token.

TIP: For more information about the /authenticate endpoint, refer to the MMAP API documentation.

You must provide this API token for all subsequent requests made for that user. In each request, do one of the following:

  • Include the Authorization header, set to Bearer, with the user's API token. For example:

    Authorization: Bearer api_token
  • Include the Cookie header and provide the cookie that was returned from the MMAP /authenticate endpoint.

If you do not provide an API token the response from MMAP has an HTTP 401 (unauthorized) status code.