Bento
  • Go to Marketing Site
  • Go to App
  • User Work Laptop Streamline Icon: https://streamlinehq.comAccount

  • Graduation Cap Streamline Icon: https://streamlinehq.comGet Started

  • Migration Guides

  • DNS Setup

  • Connection Integration System Api Streamline Icon: https://streamlinehq.comAPI for Developers

    • Introduction
    • Quickstart
    • Authentication
    • Subscribers API
    • Events API
    • Emails API
    • Tags API
    • Fields API
    • Broadcasts API
    • Stats API
    • Spam API
  • Package Streamline Icon: https://streamlinehq.comSDK Guides

  • Plugs Streamline Icon: https://streamlinehq.comIntegrations

  • Horizontal Menu Streamline Icon: https://streamlinehq.comMisc

  • Sign in

Authentication

You'll need to authenticate your requests to access any of the endpoints in the Bento API. In this guide, we'll look at how authentication works. Bento authenticates your API requests using Basic authentication.

Basic authentication

To authenticate, use your publishable_key as the username and your secret_key as the password. This method ensures that your credentials remain safe while interacting with the API.

To scope your requests by site, utilize your site_uuid (commonly referred to as the Site Key). You can easily locate this unique identifier in your site settings or by clicking the gear icon on your site. Additionally, the site_uuid is readily available on your API keys page.

To provide the username password in the header of your request you will need to Base64 encode it, publishable_key + secret_key.

Here's an example of authenticating using cURL:

Example request with basic auth

curl -L -X GET 'https://app.bentonow.com/api/v1/fetch/tags?site_uuid=YourSiteUUID1234' \
-H 'Accept: application/json' \
-H 'Authorization: Basic MyUserPasswordEncodedBase64'

Your keys provide access to all sites associated with your account, enhancing convenience but also necessitating caution. If you manage multiple Bento accounts, it is crucial to use the specific API keys of the client account you are working on to avoid unintentional cross-access. This measure helps maintain organized and secure interactions across different client environments, ensuring that each client’s data remains isolated and protected.

Please don't commit your Keys to GitHub or any other source control!

If you ever make a mistake or believe the keys have been exposed revoke them in your team dashboard and issue a new set.

By adhering to these guidelines, you can effectively and securely manage API interactions, whether you’re working on a single site or juggling multiple accounts. Remember, safeguarding your API keys is paramount to maintaining the integrity and security of your data, so always handle them with care.

Using an SDK

If you use one of our official SDKs, you won't have to worry about any of the above — fetch your access keys from the Bento dashboard under settings, and the client library will take care of the rest.

PreviousQuickstart
NextSubscribers API

© Copyright 2025. All rights reserved.

Follow us on XFollow us on GitHubJoin our Discord server

What's on this page

  • Basic authentication
  • Using an SDK