For full API documentation and to download a sample Postman collection, please visit

The Dragon Metrics API uses HTTP Basic Authentication to authenticate each request. As the name implies, this protocol is quite simple.

All requests must include the following HTTP request header:

Authorization: Basic {CREDENTIALS}

Where {CREDENTIALS} is a Base64 encoding of the string {username}:{password}.

(Please remember that this is your API username and password, which will be different than the one you use to log into the user interface. If you do not have API credentials, please email

For example:

Username: johdoe
Password: Lh78B30#grCgo%
Before Base64: johndoe:Lh78B30#grCgo%
After Base64: am9obmRvZTpMaDc4QjMwI2dyQ2dvJQ==
Full HTTP Request Header: Authorization: Basic am9obmRvZTpMaDc4QjMwI2dyQ2dvJQ==

Now you can make calls to the API, including this header in every request. If there is an issue with your authorization you'll receive a 401 (Unauthorized) error message.

IMPORTANT REMINDER: Although your username and password are encoded using Basic Authentication, they are not encrypted. Therefore, it's important to always send requests over HTTPS. All requests made over HTTP will be sending your username and password in plain text, and will result in a 403 (Forbidden) error response.

Did this answer your question?