Clients can interact with S2 at its public http endpoints, primarily with JSON bodies conforming to its OpenAPI spec. Data plane endpoints also support protobuf.

Authentication

The API requires a Bearer access token to authenticate requests.

S2 SDKs take care of supplying it automatically. If you are using curl, you can provide it with -H "Authorization: Bearer ${S2_ACCESS_TOKEN}".

The first usage of an access token on a connection may experience a latency overhead for verification, typically tens of milliseconds. Subsequent requests will not incur such an overhead.

Compression

To optimize network usage, S2 supports compressed request and response bodies with the following algorithms:

  • zstd preferred
  • gzip

Standard HTTP semantics around Content-Encoding and Accept-Encoding apply.

Not all responses may be compressed, even if Accept-Encoding is set to a supported algorithm. Clients must check the Content-Encoding header on each response to determine whether the body is compressed and which encoding was used.