{"_id":"546b91a862515a14007ebc4d","parentDoc":null,"githubsync":"","project":"545137a814af501a00b50cf9","user":"5433099f9a2b451a00ad4531","version":{"_id":"545137a814af501a00b50cfc","project":"545137a814af501a00b50cf9","__v":11,"createdAt":"2014-10-29T18:53:28.525Z","releaseDate":"2014-10-29T18:53:28.525Z","categories":["545137a814af501a00b50cfd","545138eaa66f020800dbab4a","546b9072b47b5d1400109edf","546b9082b47b5d1400109ee0","546b9088b47b5d1400109ee1","546b909462515a14007ebc43","546b90a0b47b5d1400109ee2","546ced235884600e007a92f6","5481008eea7fd40b00cd7c2b","573b9d83ee2b3b220042291f","57be1efa15efc70e006a5f99"],"is_deprecated":false,"is_hidden":false,"is_beta":true,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"__v":5,"category":{"_id":"545138eaa66f020800dbab4a","project":"545137a814af501a00b50cf9","version":"545137a814af501a00b50cfc","__v":5,"pages":["5451398d14af501a00b50d17","546b916b62515a14007ebc4b","546b91a862515a14007ebc4d","546b91c8b47b5d1400109ef6","546b91dab47b5d1400109ef8"],"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2014-10-29T18:58:50.759Z","from_sync":false,"order":3,"slug":"authentication","title":"Authentication"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2014-11-18T18:36:24.767Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"settings":"","try":true,"basic_auth":false,"results":{"codes":[]},"auth":"never","params":[],"url":""},"isReference":false,"order":2,"body":"**Making API Requests**\nWith a valid access token, your app can make calls to any Yammer API endpoint by sending the access token as a “Bearer” token in the “Authorization” request header.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"GET /api/v1/messages/following.json HTTP/1.1 \\nHost: www.yammer.com \\nAuthorization: Bearer abcDefGhi\",\n      \"language\": \"text\"\n    }\n  ]\n}\n[/block]\nFor more detail on the “Bearer” token refer to: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-23\n\nIf the access token expires, or the user de-authorizes your app, the API request will return an HTTP 401 with the following error in the body of the response.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"{\\n  \\\"response\\\": {\\n    \\\"message\\\": \\\"Token not found.\\\",\\n    \\\"code\\\": 16,\\n    \\\"stat\\\": \\\"fail\\\"\\n  }\\n}\",\n      \"language\": \"text\"\n    }\n  ]\n}\n[/block]\nYour app can request a new access token by re-running the appropriate flow if this error occurs.\n\nIf you would like your app to receive private content from the REST API you will need to set the Private Content flag ‘on’. \n\n\nPrivate content includes the following:\n·       Private messages\n·       Private groups\n·       Messages and files in Private groups\n·       Profiles\n\nFirst, make sure you are using a Verified Admin token to access private content. \n\nUsing the VA API credentials, POST a http request to the following endpoint  https://www.yammer.com/api/v1/supervisor_mode/toggle with the following raw body: {'enabled': true}.\n\nThe endpoint will return the following body if the activation was successful:\n{\n\"status\": \"success', \n\"supervisor_mode\": true\n}\n\nTokens acquired through the OAuth authorization flows outlined on in this section are supported in all Yammer network configurations. This is the appropriate option for most developers.\n\nDevelopers should be aware that if a token is acquired through the preview ADAL-based flow it will work for some endpoints and situations and not others. We are committed to maintaining and improving support for ADAL-based authentication over time. Further updates will be posted to this documentation as improvements are made and Yammer integrates further with Office 365.","excerpt":"","slug":"api-requests","type":"basic","title":"API Requests"}
**Making API Requests** With a valid access token, your app can make calls to any Yammer API endpoint by sending the access token as a “Bearer” token in the “Authorization” request header. [block:code] { "codes": [ { "code": "GET /api/v1/messages/following.json HTTP/1.1 \nHost: www.yammer.com \nAuthorization: Bearer abcDefGhi", "language": "text" } ] } [/block] For more detail on the “Bearer” token refer to: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-23 If the access token expires, or the user de-authorizes your app, the API request will return an HTTP 401 with the following error in the body of the response. [block:code] { "codes": [ { "code": "{\n \"response\": {\n \"message\": \"Token not found.\",\n \"code\": 16,\n \"stat\": \"fail\"\n }\n}", "language": "text" } ] } [/block] Your app can request a new access token by re-running the appropriate flow if this error occurs. If you would like your app to receive private content from the REST API you will need to set the Private Content flag ‘on’. Private content includes the following: · Private messages · Private groups · Messages and files in Private groups · Profiles First, make sure you are using a Verified Admin token to access private content. Using the VA API credentials, POST a http request to the following endpoint https://www.yammer.com/api/v1/supervisor_mode/toggle with the following raw body: {'enabled': true}. The endpoint will return the following body if the activation was successful: { "status": "success', "supervisor_mode": true } Tokens acquired through the OAuth authorization flows outlined on in this section are supported in all Yammer network configurations. This is the appropriate option for most developers. Developers should be aware that if a token is acquired through the preview ADAL-based flow it will work for some endpoints and situations and not others. We are committed to maintaining and improving support for ADAL-based authentication over time. Further updates will be posted to this documentation as improvements are made and Yammer integrates further with Office 365.