Learn how to authenticate your requests to the Opal API.


When making requests to the Opal API, you will need to pass proper authentication header so that you can identify yourself as an authorized user.


To authenticate requests, pass a header with key Authorization and value Bearer where is the value of the API token you generate from the admin API console.

API tokens

API tokens can be generated by Opal Admins from the Admin view like so:

Tokens can either be Read-only or Full-access. Be sure to label your token with a descriptive name.

Once the token is generated, copy it and use it to make authenticated requests to the Opal API. This access token does not expire so be sure to store it securely. If a token is compromised, it can be revoked from the Opal Admin page.