There are two different ways to authenticate when performing API requests:
- Phrase Platform API tokens
- E-Mail and password
- Oauth Access Token
Preferred method – use this for a single, consistent way to access all Phrase Platform APIs.
E-Mail and password
To get started easily, you can use HTTP Basic authentication with your email and password:
$ curl -u username:password "https://api.phrase.com/v2/projects"
OAuth via Access Tokens
You can create and manage access tokens in your profile settings in Translation Center or via the Authorizations API.
Simply pass the access token as the username of your request:
$ curl -u ACCESS_TOKEN: "https://api.phrase.com/v2/projects"
Authorization header field:
$ curl -H "Authorization: token ACCESS_TOKEN" https://api.phrase.com/v2/projects
Send via parameter
As JSONP (and other) requests cannot send HTTP Basic Auth credentials, a special query parameter access_token can be used:
curl "https://api.phrase.com/v2/projects?access_token=ACCESS_TOKEN"
Two-Factor-Authentication
Users with Two-Factor-Authentication enabled have to send a valid token along their request with certain authentication methods (such as Basic authentication). The necessity of a Two-Factor-Authentication token is indicated by the X-PhraseApp-OTP: required; :MFA-type header in the response. The :MFA-type field indicates the source of the token, e.g. app (refers to your Authenticator application):
X-PhraseApp-OTP: required; app
curl -H "X-PhraseApp-OTP: MFA-TOKEN" -u EMAIL https://api.phrase.com/v2/projects
Multiple Accounts
Some endpoints require the account ID to be specified if the authenticated user is a member of multiple accounts. You can find the eight-digit account ID inside Translation Center by switching to the desired account and then visiting the account details page. If required, you can specify the account just like a normal parameter within the request. 
