Authentication
==============

client token
------------
add the following to the request: 

``&accesskey=<access key given by JANZZ>``

Each API endpoint which you would like to use with the client access key must be enabled by the JANZZ team.  
This list will be limited to things like typeaheads and other read-only functions.  Modifying a JANZZ for 
example is only possible with a server authentication token.

server token
------------
Clients should authenticate by passing the token key in the "Authorization" HTTP header, prepended with the string "Token ".  For example:

``Authorization: Token <token provided by janzz>``


session
-------

Session authentication is done using a session cookie which is obtained by logging
into the JANZZ.jobs website.  This is only used for testing the API in a standard web
browser.  This cookie will expire, so you will need to constantly log back in or perform
actions on the website in in order for it to be valid for longer periods.


retrieving access tokens
------------------------

In order to retrieve your access tokens, you may log into the JANZZ.jobs platform with
a valid user, then go to the following URL:

``https://www.janzz.jobs/japi/access_tokens/``

This URL is only valid with session authentication.