App authentication
⚠ App authentication is only needed when using ClientLogin for user authentication. Please use OAuth 2.0 authentication endpoint for new apps and migrate existing ones when possible.
Before you can use the API, you must first register your application. When you do so, you will receive two very important parameters:
App IDApp Key
⚠ DO NOT SHARE YOUR APP ID AND APP KEY! It is not a correct design for your application to require end users to enter their own App ID and App Key. Users on the Free plan will not be granted access to the developer API, so they won't be able to use your app.
You need to pass those parameters in every API request.
There are two ways you can do this:
As HTTP headers
This is the preferred method of authenticating your app.
Send the ID in the AppId header and the key in the AppKey parameter, e.g.:
POST /reader/api/0/subscription/list HTTP/1.1
User-Agent: my-awesome-app
Host: www.inoreader.com
Authorization: GoogleLogin auth=G2UlCa...Fx
AppId: 1000001414
AppKey: kk18irxGeoXA5wyFg9U1PpTuabDu2WWG
As request parameters (GET or POST):
If for some reason, you cannot control the request headers (e.g. for browser extensions) you can use this method.
Send the ID in the AppId parameter and the key in the AppKey parameter, e.g.:
https://www.inoreader.com/reader/api/0/user-info?AppId=1000001414&AppKey=kk18irxGeoXA5wyFg9U1PpTuabDu2WWG
If for some reasons your app credentials are not accepted, you will receive a 403 HTTP response code. If you are above your rate limit for the current zone you will receive a 429 HTTP response code.
See Error handling and Rate limiting for details.