Skip to Content

User Guide

Business Portal Login

Authentication

All API requests need to be authenticated using an API key and API secret key.

 

HTTP Basic Auth

Authentication is completed using HTTP basic auth.

All requests must be made over a SSL connection, requests attempted using HTTP will be rejected.

  1. API key and secret are combined into a string "key:secret".
  2. The string is then base64 encoded (but without the 76 characters per line restriction).
  3. This is included in an Authorization header after the word "Basic".

 

In this example, the key is ZmwOJHOTl0ME5AdK and the secret is tizuSqdzfHf0sqTG.

  1. The key and secret are combined, to create the string ZmwOJHOTl0ME5AdK:tizuSqdzfHf0sqTG.
  2. This is base64 encoded, to create the string Wm13T0pIT1RsME1FNUFkSzp0aXp1U3FkemZIZjBzcVRHCg==.
  3. The word "Basic" is prepended, and the result is set in an Authorization header.

The final header is:

Authorization: Basic Wm13T0pIT1RsME1FNUFkSzp0aXp1U3FkemZIZjBzcVRHCg==

 

Further reading

Basic access authentication