Http Authorization Header

JasdeepJasdeep Member Posts: 11

Hello,


I'm making request to eCom api without passing any header and it's working fine, where the url is "https://{{api_key}}:{{api_secret}}@api.{{cluster}}.com/fc/account.json"

As per the documentation,https://developers.lightspeedhq.com/ecom/introduction/authentication/ , it states that for authentication purpose, header has to be passed. I'm not sure what it is. Can you please advise on this.,

Thanks,

Jasdeep

2 comments

  • ziftytoddziftytodd Member Posts: 7

    If you put the key and secret in the URL like that, your HTTP client is translating it into the Authorization header for you. If you were to inspect the request headers that get sent to the server, you'd see a header has been added that is something like "Authorization: Basic [hashed data here]".

  • JasdeepJasdeep Member Posts: 11
    edited May 2021

    Is it a correct statement, that if I want to make rest api call,

    I can make call to the url - https://api.{{cluster}}.com/us/shop.json instead of

    https://{{api_key}}:{{api_secret}}@api.{{cluster}}.com/us/shop.json, provided I pass Authorization header in HTTP headers. And that will not create any issues.

Sign In or Register to comment.