REST API Autenthication with QueryParamAuth

Hi all,

I want to my Android application to receive data using REST API.

Currently,I can call the REST API just fine when I am logged in on my web browser but once I am logged off,a blank json array is returned.

How do I authenticate the user with a token in the URL using QueryParamAuth so that I can receive data from any device.

Try the below:

class ApiController extends Controller


    public function beforeAction($action) {

        // Do it here if you want auth a user for each action


    public function actionAuth($token)


        $user = User::find()->where('token = :token', [':token'=> $token])->one();

        if (!$user) {throw new Exception('403')}



Sorry, not enaugh green tea… I didn’t notice that you want to use QueryParamAuth. Take a look at this