# REST API ## Getting started {% hint style="info" %} **Note:** The REST API is only available to users on a LoyaltySurf paid plan. {% endhint %} ### Step 1: Get your API key 1. Go to your [LoyaltySurf Account](https://app.loyaltysurf.io/settings#api-keys) page 2. Generate a new API key (if you don't already have one) or click on your existing API key to copy it to your clipboard {% hint style="info" %} Your API key holds many privileges, so be sure to keep it secure! Do not share your API key in publicly accessible areas such as GitHub, Bitbucket, Web Browsers, and Front End client code. {% endhint %} {% hint style="danger" %} Do not use the RESTful API in browser applications. Exposing your secret API key within front end code exposes it to security risks. Anybody with a bit of programming knowledge could potentially hijack your API key and begin making requests on your behalf. {% endhint %} ### Step 2: Set up authentication The LoyaltySurf REST API uses your API key to authenticate requests. Here's how to set up authentication: 1. Set a plain text header named `Authorization` with the contents being **`Bearer `** where **``** is your API key. #### Example Authenticated Request {% tabs %} {% tab title="cURL" %} ```bash curl -X "GET" "https://api.loyaltysurf.io/v1/campaign/4pdlhb" -H "Authorization: Bearer TWZ4X4NXESMX03MT66HHS6Z9Z91E" ``` {% endtab %} {% tab title="Java" %} ```java OkHttpClient client = new OkHttpClient(); Request request = new Request.Builder() .url("https://api.loyaltysurf.io/v1/campaign/4pdlhb") .get() .addHeader("Authorization", "Bearer TWZ4X4NXESMX03MT66HHS6Z9Z91E") .build(); Response response = client.newCall(request).execute(); ``` {% endtab %} {% tab title="Node.js" %} ```javascript const request = require("request"); const options = { method: 'GET', url: 'https://api.loyaltysurf.io/v1/campaign/4pdlhb', headers: { Authorization: 'Bearer TWZ4X4NXESMX03MT66HHS6Z9Z91E' } }; request(options, function (error, response, body) { if (error) throw new Error(error); console.log(body); }); ``` {% endtab %} {% tab title="Python" %} ```python import requests url = "https://api.loyaltysurf.io/v1/campaign/4pdlhb" headers = { 'Authorization': "Bearer TWZ4X4NXESMX03MT66HHS6Z9Z91E" } response = requests.request("GET", url, headers=headers) print(response.text) ``` {% endtab %} {% tab title="PHP" %} ```php setUrl('https://api.loyaltysurf.io/v1/campaign/4pdlhb'); $request->setMethod(HTTP_METH_GET); $request->setHeaders(array( 'Authorization' => 'Bearer TWZ4X4NXESMX03MT66HHS6Z9Z91E' )); try { $response = $request->send(); echo $response->getBody(); } catch (HttpException $ex) { echo $ex; } ``` {% endtab %} {% tab title="Go" %} ```go package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "https://api.loyaltysurf.io/v1/campaign/4pdlhb" req, _ := http.NewRequest("GET", url, nil) req.Header.Add("Authorization", "Bearer TWZ4X4NXESMX03MT66HHS6Z9Z91E") res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) } ``` {% endtab %} {% endtabs %} ## Base URL All endpoints for the LoyaltySurf REST API start with the same base URL: ``` https://api.loyaltysurf.io/v1 ``` ## **Next steps** * [View Tutorials](https://docs.loyaltysurf.io/integrate/rest-api/tutorials) * [View Objects](https://docs.loyaltysurf.io/integrate/rest-api/api-objects) * [View API Reference](https://docs.loyaltysurf.io/integrate/rest-api/api-reference) [![Run in Postman](https://run.pstmn.io/button.svg)](https://www.postman.com/growsurf/growsurf-public/collection/xvgm0uy/loyaltysurf-rest-api)