Authentication
Server-to-Server Authentication
Supported Protocol: HTTPS
Configure Server to Server authentication
-
Request a project-specific API key from Trax. This will be available via API Management within X-Suite
-
Provide Trax with a list of domains/IPs of the servers from which API requests will arrive
The API key will need to be renewed every 12 months
Request
All Trax API Requests must have an Authorization header key-value pair as defined below
Key: Authorization | Value: Auth-Token [project-api-key-here]
Request Example
POST https://services.traxretail.com/api/<request-path>
HTTP/1.1
Authorization: Auth-Token [YOUR-PROJECT_API-KEY]
Validation & Errors
Missing or invalid HTTP Authorization header
-
Error Code: 401-Unauthorized
-
Error: {"description": "missing Authorization:Auth-Token header value"}
Invalid API key
-
Error Code: 401-Unauthorized
-
Error: {"description": "the API key is invalid"}
Invalid token
-
Error Code: 400 Bad request
-
Error: {"error_description": "invalid token"}
Invalid API Authorization Value
-
Error Code: 400 Bad request
-
Error: {"error_description": "invalid token"}
Request arrived from unsupported host
-
Error Code: 401 -Unauthorized
-
Error: {"error_description": "Host <ip> is not authorized to access
this endpoint"}
N.B Domain names are preferable in cases there is a usage of dynamic IP allocation