Authorization

To use our APIs, you must be authorized.

Our APIs check the authorization by using an access token mechanism (Bearer). This means that each call to any of our APIs must include an access token that must have been previously obtained.

This access token has a limited validity period after which it expires. Once it expires, a new one has to be requested again.

How to obtain the access token (Bearer) to use the APIs?

Each company or user that needs to use any of our APIs must be registered in our system and have a key and password.

API’s key and password are the basis for generating the authorization token that will be used to connect and obtain the access token to the APIs.

To get the access token you have to do the following:

1. Generate the authorization token.

The authorization token is the result of base 64 encoding the concatenation of the API key and API password with the ‘:’ character between them.

2. Make the request to obtain the access token

Once the authorization token is generated, an https POST call must be made to get-access-token API, passing the authorization token in the Authorization parameter of the request header indicating the Basic Auth mode:

Authorization: Basic {authorization token}