The service uses HTTP Basic authentication.

With HTTP Basic authentication, the username and password are submitted in a header within each HTTP call, as demonstrated in the example below. There is no server-side retention of an authenticated session, which means that authentication must be repeated with every call.

Please note: To ensure compatibility with all clients, please capitalize the word “Basic.”

GET /current/outbound/fax/865225412/meta HTTP/1.1
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

The formula for creating the authorization string is:

base64_encode($interfax_username . ":" . $interfax_password)

That is, concatenating the InterFAX username, a colon (:), and the InterFAX password, then base64-encoding the concatenated string.

Use of the API is always through an existing InterFAX “Primary” user (generally, any first user in an account is a primary user; subsequent users are normally opened as “Normal” users, but not necessarily) . There is no special API user required.

Attempting API operations, which require authentication, without performing authentication will return an HTTP error 401 (UNAUTHORIZED). For example, the unauthenticated call:

GET /current/outbound/fax/865225412/meta HTTP/1.1

will return the following HTTP headers:

HTTP/1.1 401 Authorization Required
WWW-Authenticate: Basic realm="Secure Area"