Secured Endpoints

With only a few exceptions all endpoints require a valid session. These endpoints accept either a pair of cookie values (UID and USESSION) or a HTTP BASIC AUTH header with the same two values.


Endpoints that serve content or return error messages can all be localized. You can pass a paramer via the query string or as an HTTP HEADER called localization with a ISO Language-Country code (like en-us). If a value is not specified the endpoint will attempt to guess based on the last endpoint (stored in a cookie) or just default to en-us.