Optimizely will be sunsetting Full Stack Experimentation on July 29, 2024. See the recommended Feature Experimentation migration timeline and documentation.

Dev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunitySubmit a ticketLog In
GitHubNuGetDev CommunitySubmit a ticket

Use the Full Stack (Legacy) REST API

This topic describes how to get started using the Optimizely Full Stack (Legacy) REST API.

The Optimizely REST API allows you to interface with Optimizely programmatically to build customized integrations and workflows. For example, you can create feature flags from an automated script, build custom dashboards of feature test results, or connect your experiments to other project management tools.

Integrate the REST API



Because our REST API is used for both Optimizely Web and Full Stack, some resources may not be applicable for your use cases. See the API reference documentation for applicable endpoints.

For production use cases, you will want to integrate these API calls directly into your own application.

We recommend authenticating using OAuth 2.0. However, to make our API easily explorable, we have also implemented Personal Access Tokens.

For a full guide to all our REST API endpoints, see the Optimizely REST API reference.

Generate a token

To generate a personal token in Optimizely:

  1. Go to Profile > API Access and click  Generate New Token.

  2. Enter a token name and click Create.

  3. If you are an administrator, you can create tokens for other collaborators on the account. Use the dropdown menu to select a collaborator. If you are not an administrator for the account, you can only generate a personal token for yourself.

  4. Copy the token.

For security purposes, when you navigate away from the API Access tab, the token will no longer be visible when you return. If you need a token, generate a new one.

Keep your tokens secret; treat them like passwords! If you need a new one, revoke or delete the token and generate another.

Revoke a token

Revoking a token permanently removes it, so you can no longer use it to connect to the Full Stack APIs. If you are an administrator, you can revoke any personal token attached to the account. If you are not an administrator for the account, you can only revoke the tokens that you generate for yourself.

To delete a token:

  1. Go to Profile > API Access.
  2. Under Personal Access Tokens, click Revoke.
  3. Click Delete Token to confirm. You cannot undo this action.

Authenticate with your access token

To authenticate, use a token generated from the instructions above in the request header, as shown in the example below. All API request examples in this documentation use the same header.

curl -H "Authorization: Bearer abcdefg123456" \



Using the wrong token will fail with error 403 - Authentication Failed. If you forget to add the token or set the token on the wrong header/on the body, the request will fail with 401 - Unauthorized.

See Optimizely Full Stack REST API reference documentation.