top of page


Server-to-Server Authentication 

Supported Protocol: HTTPS

Configure Server to Server authentication

  • Request a project-specific API key from Trax. This will be available via API Management within X-Suite

  • Provide Trax with a list of domains/IPs of the servers from which API requests will arrive
    The API key will need to be renewed every 12 months


All Trax API Requests must have an Authorization header key-value pair as defined below

Key: Authorization | Value: Auth-Token [project-api-key-here]

Request Example



Authorization: Auth-Token [YOUR-PROJECT_API-KEY]

Validation & Errors

Missing or invalid HTTP Authorization header

  • Error Code: 401-Unauthorized

  • Error: {"description": "missing Authorization:Auth-Token header value"}

Invalid API key

  • Error Code: 401-Unauthorized

  • Error: {"description": "the API key is invalid"}

Invalid token

  • Error Code: 400 Bad request

  • Error: {"error_description": "invalid token"}

Invalid API Authorization Value

  • Error Code: 400 Bad request

  • Error: {"error_description": "invalid token"}

Request arrived from unsupported host 

  • Error Code: 401 -Unauthorized 

  • Error: {"error_description": "Host <ip> is not authorized to access
    this endpoint"}

    N.B Domain names are preferable in cases there is a usage of dynamic IP allocation

bottom of page