Nylas v2 documentation

You're viewing docs for the previous version of Nylas, which will be deprecated on Dec. 31, 2024. See the upgrade guide or the docs for v3 (latest).

Version:
Only show these results:

Authorizing API requests in Nylas v2

Once you've successfully connected an email account using one of the authentication methods, you'll have an <ACCESS_TOKEN> that allows you to pull email, contact, and calendar data for that email account. This article will cover each authentication method using the <ACCESS_TOKEN>.

Bearer Authentication

Bearer authentication requires the <ACCESS_TOKEN> for authentication:

curl -X GET -H 'Authorization: Bearer <ACCESS_TOKEN>' 'https://api.nylas.com/account'

Basic Authentication

You can use basic authentication for every Nylas endpoint. Basic authentication requires the <NYLAS_CLIENT_SECRET:> to be base 64 encoded. Make sure to put a colon after the <NYLAS_CLIENT_SECRET:> as shown below:

curl --request POST \
  --url https://api.nylas.com/a/<NYLAS_CLIENT_ID/accounts/<NYLAS_ACCOUNT_ID>/downgrade \
  --header 'Accept: application/json, application/gzip' \
  --header 'Content-Type: application/json'
  -u "<NYLAS_CLIENT_SECRET>:"

The endpoints that require basic authentication are:

Base64 Encoding

You can encode the <NYLAS_CLIENT_SECRET> using the command echo -n "NYLAS_CLIENT_SECRET:" | base64. The username is the <NYLAS_CLIENT_SECRET> or <NYLAS_ACCESS_TOKEN>. The password is not included. An example of the command is shown below:

$ echo ‘d57963d558d1:’ | base64
4oCYZDU3OTYzZDU1OGQxOmIzNTU5MmU1MTAxNuKAmQo=

Once you've run this command, replace the <NYLAS_CLIENT_SECRET> with the base64 string that is returned when you make API requests.

Deciding Which Method of Authentication to Use

Each endpoint includes a list of the authentication types. We generally recommend using Bearer Authentication.

SDK Authentication

SDK's require that you pass in the <NYLAS_CLIENT_ID>, <NYLAS_CLIENT_SECRET> and <ACCESS_TOKEN>. Make sure to store these as environment variables. Example of SDKs are shown below:

require 'nylas'

nylas = Nylas::API.new(
  app_id: '<NYLAS_CLIENT_ID>', 
  app_secret: '<NYLAS_CLIENT_SECRET>', 
  access_token: '<ACCESS_TOKEN>')
# Access tokens should be secured securely in your database.

# Print the user account
puts nylas.current_account   
const Nylas = require('nylas');

Nylas.config({
  appId: '<NYLAS_CLIENT_ID>',
  appSecret: '<NYLAS_CLIENT_SECRET>',
});

const nylas = Nylas.with('<ACCESS_TOKEN>');
// Access tokens should be secured securely in your database.

// Print the user account
nylas.account.get().then(account => console.log(account));   
from nylas import APIClient

nylas = APIClient(
    '<NYLAS_CLIENT_ID>', 
    '<NYLAS_CLIENT_SECRET>',
    '<ACCESS_TOKEN>'
)
# Access tokens should be secured securely in your database.

# Print the user account
print(nylas.account)

What's Next?