All requests to the Leap API endpoints must include a valid Bearer token in the HTTP Authorization header. There are 2 methods for obtaining this token:
- Login Based Authentication - Using this Log In endpoint
- API Key Authentication - Can be created on your organization's production or staging account page
Production vs. Staging Tokens
API keys and login-based auth tokens are scoped to production or staging environments separately so make sure you are creating your key in the appropriate environment in which you want to use it. You will receive a 403 error if the key or login-based auth token is invalid.