Back to Developers portal

User authentication (ClientLogin)

This is the old method for authenticating a user with Inoreader. It is NOT available for new integrations. Developers are required to use our OAuth 2.0 authentication endpoint for new apps and migrate existing ones when possible.

The Inoreader API is mimicking Google ClientLogin authentication for backwards compatibility with older clients.

Request:

https://www.inoreader.com/accounts/ClientLogin

Note that while you can call other methods via plain HTTP (although not recommended), this method will return a 301 redirect if you do so.

Request parameters:

  • Email - username or email of the user.
  • Passwd - password of the user.

Response

The response for both methods is the same

> POST /accounts/ClientLogin HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: www.inoreader.com
> Accept: */*
> Content-Length: 27
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 200 OK
< Date: Wed, 03 Jul 2013 10:21:42 GMT
< Server: Apache
< X-Powered-By: PHP/5.4.16
< X-Mod-Pagespeed: 1.5.27.2-2912
< Vary: Accept-Encoding,User-Agent
< Cache-Control: max-age=0, no-cache
< Content-Length: 269
< Connection: close
< Content-Type: text/html; charset=UTF-8
<
SID=null
LSID=null
Auth=G2UlCa...Fx

If the backend is unreachable for some reason, you will get an error 503 response:

> POST /accounts/ClientLogin HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: www.inoreader.com
> Accept: */*
> Content-Length: 27
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 503 Service Temporarily Unavailable
< Date: Wed, 03 Jul 2013 11:01:32 GMT
< Server: Apache
< X-Powered-By: PHP/5.4.16
< Vary: Accept-Encoding,User-Agent
< Content-Length: 0
< Connection: close
< Content-Type: text/html; charset=UTF-8

If the username or password are incorrect, you will receive a 401 code together with an error message. For more information see Error handling.

If the response is successful (HTTP code 200), you must store the Auth token and use it in all subsequent requests to the API by including this header:

Authorization: GoogleLogin auth=G2UlCa...Fx

Back to Developers portal