The Bbot API uses API keys to authenticate requests. These API keys will be shared out over LastPass. These are attainable by reaching out to engineering@bbot.menu with API in the email subject for more.

Your API keys carry many privileges, so be sure to keep them secure! Part of this includes that you do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

Authentication to the API is performed by hitting our authentication endpoint with your API

All API requests must be made over HTTPS.

response = requests.post('https://staging.bbot.menu/api/v2-1/authenticate', json={'username': <api-key-from-lastpass>, 'password': <secret-key-from-lastpass>})

token = response.json()['token']

auth_headers = {'Authorization': 'JWT {}'.format(token)}