Authentication
Overview
API requests must be authenticated in compliance with the OAuth 1.0a specification (Accessing Protected Resources).
Making a Request
Each request must contain the following OAuth protocol parameters:
| OAuth Parameter | Value |
|---|---|
| oauth_consumer_key | Your OAuth consumer key (from Manage API Access). |
| oauth_token | The access token, obtained (from Manage API Access). |
| oauth_signature_method | hmac-sha1 |
| oauth_signature | The generated request signature, signed with the oauth_token_secret obtained (from Manage API Access). |
| oauth_timestamp | Timestamp for the request in seconds since the Unix epoch. |
| oauth_nonce | A unique string randomly generated per request. |
These parameters may be passed in the HTTP (Authorization) header, as URL query keys, or in the POST data. Generating the OAuth signature is done by applying the HMAC-SHA1 with the oauth_token_secret. You may view your OAuth consumer key at Manage API Access. OAuth libraries are available to generate these requests.
You can find some basic examples at http://github.com/Yelp/yelp-api/tree/master/v2/