Authentication

HTTP Basic Auth is used. Due to this it is required that HTTPS is used at all times. The Integration Platform will reject requests using HTTP only, however this may still cause client credentials to be exposed unencrypted and it is therefore vital that clients never use plain HTTP requests.

Headers

Authentication is achieved using HTTP Basic Auth with a few special HTTP headers. Required HTTP headers are;

X-Reseller

Specifies reseller (by code name) to interact with.

Authorization

HTTP Basic Auth header and value should therefore have the format like Basic BASE64(UTF8(<username>:<password>)).

Authentication example

$ curl \
    -u '<USERNAME>':'<PASSWORD>' \
    -H 'X-Reseller: <RESELLER CODE>' \
    https://api.{HOSTNAME}/reseller/