Skip to content

KAZOO Support Channels

This documentation is curated by 2600Hz as part of the KAZOO open source project. Join our community forums here for peer support. Only features in the docs.2600hz.com/supported space are included as part of our 2600Hz Support Services plan.

Authentication

Authentication#

API Headers#

In order to authenticate any API request, the following headers must be sent: * X-Auth-Token : Your Authentication Token provided by Kazoo. It can be acquired using the user_auth Crossbar API. * X-Kazoo-Cluster-ID : Your Kazoo Cluster ID. This is used to identify your MVNO.

Alternatively, it is possible to send those headers via query string parameters, respectively auth_token and kazoo_cluster_id.

Authentication Levels#

Tower of Power APIs can have various Authentication Levels, which are specified in every API documentation. Below is the description of these levels. Note that in addition to the descriptions below, whenever the API URL includes an Account ID, the authentication process verifies that the Auth Token has access rights to that Account.

  • basic : Verifies that the Auth Token is valid.
  • reseller : Verifies that the Auth Token belongs to a Reseller Account.
  • parent_of : Verifies that the Auth Token belongs to a parent Account of the target Account (account_id in the URL).
  • reseller_of : Verifies that the Auth Token belongs to the Reseller of the target Account (account_id in the URL).
  • master : Verifies that the Auth Token belongs to the Master Account of that Cluster.
  • super_master : Verifies that the Auth Token belongs to the Master Account of the Master Cluster (the Master Cluser being 2600Hz's Production Cluster).