English

All endpoints in the Shutterstock API require authentication facilitated by an application. There are two ways to authenticate.

  • Basic Authentication
  • OAuth 2.0

Basic Authentication

You can use basic authentication to make requests against the Shutterstock API as long as the endpoint does not require an OAuth scope. Please note that this form of authentication does not require an access token to be passed in via headers.

  1. Create an application or use an existing application [link] to obtain your client_id and client_secret.
  2. Using your client_id and client_secret, you can access the endpoints that do not require OAuth scopes. Here is an example of a workflow using basic authentication.
     

    1. Make an image search request using your client_id and client_secret.
      $ curl --get --user ${client_id}:${client_secret} \
       https://api.shutterstock.com/v2/images/search \
       --data-urlencode "query=donkey"
    2. You can paginate the search using page and per_page query parameters.
      $ curl --get --user ${client_id}:${client_secret} \
       https://api.shutterstock.com/v2/images/search \
       --data-urlencode "query=donkey" \
       --data-urlencode "page=2" \
       --data-urlencode "per_page=1"
    3. You can further restrict the data returned by all requests using the fields parameter (see Google Partial Responses for supported syntax).
      $ curl --get --user ${client_id}:${client_secret} \
       https://api.shutterstock.com/v2/images/search \
       --data-urlencode "query=donkey" \
       --data-urlencode "page=2" \
       --data-urlencode "per_page=1" \
       --data-urlencode "fields=data(id,description)"

OAuth 2.0

You can use OAuth 2.0 to make requests against the Shutterstock API for endpoints that require scope. This is useful when your integration requires users to log into and access information about their Shutterstock account. Please note that this form of authentication requires an access token be passed in via headers.

  1. Create an application or use an existing application [link].
  2. Create an access token. Our Single User Integration guide shows one possible flow.