The Optimizely Feature Experimentation REST APIs let you interface with Optimizely programmatically to build customized integrations and workflows. For example, you can create feature flags from an automated script or build custom dashboards of experiment results.

Integrate the REST API

📘
Note
The Optimizely Experimentation's REST APIs are used for both Optimizely Web Experimentation and Optimizely Feature Experimentation, so some resources may not be applicable for your use case. See About the Feature Experimentation APIs for a list of available endpoints.

For production, you should integrate the REST API calls directly into your application. You should use OAuth 2.0. For implementation details, see the Optimizely Web Experimentation OAuth 2.0 documentation.

To make the APIs easily explorable, Optimizely has also implemented personal access tokens.

Generate a token

To generate a personal access token in Optimizely

Go to Profile > API Access and click Generate New Token.
(Optional) If you are an administrator, you can create tokens for other collaborators on the account. Use the drop-down list to select a collaborator.
Enter a token name and click Create.
Copy the token.

For security purposes, when you go away from the API Access tab, the token is no longer visible when you return. If you need a token, generate a new one.

🚧
Important
Keep your tokens secret and treat them like passwords. If you need a new one, revoke or delete the token and generate a new one.

Revoke a token

Revoking a token permanently removes it, so you can no longer use it to connect to the Feature Experimentation APIs. If you are an administrator, you can revoke any personal token attached to the account. If you are not an administrator for the account, you can only revoke the tokens that you generate for yourself.

To revoke and delete a token

Go to Profile > API Access.
Under Personal Access Tokens, click Revoke.
Click Delete Token to confirm. You cannot undo this action.

Authenticate with your access token

To authenticate, use a token generated from the previous instructions in the request header, as shown in the following example. All API request examples in this documentation use the same header.

curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" "https://api.optimizely.com/v2/projects"

Common error codes

Using the wrong token causes the call to fail with the error 403 - Authentication Failed.
Forgetting to add the token or set the token on the wrong header or on the body, the request fails with a 401 - Unauthorized error.