NOTE: Do not save/post your personal data like email, phone, address etc... All user create/updated data will be removed periodically.
Unlike Web applications, RESTful APIs are usually stateless, which means sessions or cookies should not be used. Therefore, each request should come with some sort of authentication credentials. A common practice is to send a secret access token with each request to authenticate the user. Since an access token can be used to uniquely identify and authenticate a user, API requests should always be sent via HTTPS to prevent man-in-the-middle (MitM) attacks.
There are different ways to send an access token:
The following list summarizes the HTTP status codes that are used.