switch header from Authorization to X-PIWIGO-API

Linty
2025-12-01 18:20:16 +01:00
parent 30103934dc
commit cce1480006
+7 -4
@@ -23,6 +23,9 @@ on Piwigo demo](https://demo1.piwigo.com/tools/ws.htm).
Since Piwigo 16, each user can generate one or more personal API keys from their profile.
These keys allow secure, stateless access to the Piwigo web API without requiring a user session.
⚠️ Important change between Piwigo 16.0.0 and 16.1.0:
- Use the `X-PIWIGO-API` header instead of `Authorization` when sending API keys.
### Generate an API key
1. Log in to your Piwigo account.
@@ -33,15 +36,15 @@ These keys allow secure, stateless access to the Piwigo web API without requirin
### Use an API key
* To authenticate your API requests, use the `Authorization` HTTP header:\
`Authorization: pkid-XXXXXXXX-XXXXXXXXXXXX:YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY`
* To authenticate your API requests, use the `X-PIWIGO-API` HTTP header:\
`X-PIWIGO-API: pkid-XXXXXXXX-XXXXXXXXXXXX:YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY`
* `pkid-XXX...` = public identifier of the key
* `YYYYY...` = secret key\
_Don't forget `:` between them_
* Example with curl:
```
curl -H "Authorization: pkid-20250609-abcdef1234567890:0123456789abcdef0123456789abcdef01234567" \
curl -H "X-PIWIGO-API: pkid-20250609-abcdef1234567890:0123456789abcdef0123456789abcdef01234567" \
-d "method=pwg.categories.getList" \
-d "format=json" \
https://your-piwigo/ws.php
@@ -60,7 +63,7 @@ curl -H "Authorization: pkid-20250609-abcdef1234567890:0123456789abcdef012345678
Test your keys:
Use the built-in tool `https://your-piwigo/tools/ws.htm`\
An `Authorization` field lets you test your requests with an API key.
An `X-PIWIGO-API` field lets you test your requests with an API key.
Best practices:
* Use a different key for each application or script.