BREAKING CHANGES #important
There are some upcoming breaking changes to the API.
The most important change is that we're switching from HTTP Basic Auth to a cookies based authentication. Starting now, the /login endpoint will set one or more cookies. The `token` field in the returned login object will be blank. Your existing Basic Auth tokens will continue to work until the end of September, or when they expire, whichever comes first.
Along with switching to a cookies based authentication system, we have added CSRF protection to all POST endpoints. When using the `login` endpoint, the User structure that's returned now includes a `csrf_token` field. Use that value for the `csrf` POST parameter now required by these endpoints. NOTE: During this transition period, if you use HTTP Basic Auth, the csrf POST value is not required, so your code should continue to work.
Finally, we are switching the domain of the API. It has been https://api.groups.io. It is moving to https://groups.io/api/. The old domain will continue to work until the end of September, but please update your code as soon as possible.
Your code should continue to work as is until the end of September, but please update as soon as possible. Please let me know if you have any questions.