REST API: Authorize a Session Using your Email and Password

Some of the requests to the TicketBiscuit API require authentication.

HTTP POST to Users

To authenticate your session, make an HTTP POST request to the generic User Resource Uri:

POST Parameters

Required Parameters

You must POST the following parameters:

Parameter Description
EmailAddress The email address registered with TicketBiscuit.
Password The password used along with the matching email address to log into the TicketBiscuit application.


Example 1

Login to TicketBiscuit using

curl -XPOST
-d ""
-d "password=s0m3p@ssw0rd"
-cookie-jar cookies.txt

"AuthorizedAccounts": [
"ID": 8002,
"Key": "DemoAccount"
"EmailAddress": "",
"FirstName": "John",
"LastName": "Doe",
"TelephoneNumber": "555-555-5555"

Handling Possible Outcomes

Default Behavior

Your user information is returned. It contains the Name, Email Address, and the telephone number you used when registering with TicketBiscuit. It also contains the TicketBiscuit accounts that you are authorized. The account “Key” returned by this call is used as part of the url in all subsequent calls. Note that the “Key” is case-sensitive.

An authorization cookie was also returned upon a successful log in. This cookie must be included in subsequent calls that require authentication, i.e. user requests, reserving tickets, etc.

Invalid Email Address or Password

An Unauthorized (401) HTTP response is returned should the email address and or password be invalid.