Skip to main content
The RC API Client supports two authentication methods: Bearer token authentication and Basic authentication.

Authentication Enum

The Authentication enum defines the supported authentication methods:
src/rc_api.rs:355-372
#[derive(Debug, Clone)]
pub enum Authentication {
    Bearer(String),
    Basic { email: String, password: String },
}

impl Authentication {
    fn to_header_value(&self) -> String {
        match self {
            Authentication::Bearer(token) => format!("Bearer {}", token),
            Authentication::Basic { email, password } => {
                let credentials = format!("{}:{}", email, password);
                let encoded = base64::engine::general_purpose::STANDARD.encode(credentials);
                format!("Basic {}", encoded)
            }
        }
    }
}

Variants

Authentication
enum
Authentication method for API requests.

Bearer Token Authentication

Bearer token authentication is the recommended method for most use cases. You can obtain a personal access token from your RC settings.

Creating a Client with Bearer Token

use rc_api::RcApiClient;

let client = RcApiClient::new("your_token_here".to_string())?;

Real-World Example

From the RC VCF Generator:
src/main.rs:323-326
let auth = rc_api::Authentication::Bearer(
    std::env::var("RECURSE_PAT").expect("RECURSE_PAT environment variable not set"),
);
let client = rc_api::RcApiClient::with_auth(auth).expect("Failed to create API client");

Basic Authentication

Basic authentication uses your RC email and password. This method is required for certain operations like creating tokens.

Creating a Client with Basic Auth

use rc_api::RcApiClient;

let client = RcApiClient::with_basic_auth(
    "user@example.com".to_string(),
    "password".to_string(),
)?;

Base64 Encoding

The client automatically encodes your credentials to base64 format: 
// Input: email="user@example.com", password="password"
// Output: "Basic dXNlckBleGFtcGxlLmNvbTpwYXNzd29yZA=="
Basic authentication credentials are base64-encoded automatically. You don’t need to encode them yourself.

When to Use Each Method

Use Bearer token authentication when:
  • You have a personal access token
  • You’re building a production application
  • You want to avoid hardcoding passwords
  • You’re accessing read-only data (profiles, batches, etc.)
Advantages:
  • More secure (can be revoked without changing password)
  • Can be scoped to specific permissions
  • Recommended for most use cases

Authorization Header

The client automatically adds the Authorization header to all requests:
src/rc_api.rs:416-423
fn auth_headers(&self) -> HeaderMap {
    let mut headers = HeaderMap::new();
    headers.insert(
        AUTHORIZATION,
        HeaderValue::from_str(&self.auth.to_header_value()).unwrap(),
    );
    headers
}

Header Format

Authorization: Bearer your_token_here

Security Best Practices

Never commit tokens or passwords to version control. Always use environment variables or secure secret management.

Using Environment Variables

Create a .env file:
.env
RECURSE_PAT=your_token_here
Load it in your application: 
use dotenv::dotenv;

fn main() {
    dotenv().ok();
    
    let token = std::env::var("RECURSE_PAT")
        .expect("RECURSE_PAT not set");
    let client = RcApiClient::new(token)?;
}

.gitignore

Make sure to ignore your .env file:
.gitignore
.env
*.env

Testing Authentication

You can test your authentication by calling get_my_profile(): 
use rc_api::RcApiClient;

let client = RcApiClient::new("your_token".to_string())?;

match client.get_my_profile() {
    Ok(profile) => println!("Authenticated as: {}", profile.name),
    Err(e) => eprintln!("Authentication failed: {}", e),
}

Next Steps

Create Tokens

Learn how to create personal access tokens

Error Handling

Handle authentication errors

Profiles API

Start using the authenticated client

Build docs developers (and LLMs) love

Get started for freeTalk to us