Authentication
The Orders API utilizes a secure encapsulated data environment that requires 2-legged authentication, which differs from the standard API key approach.
2-Legged Authentication Flow
Request Access Token:
Send a request to the Authentication endpoint with your credentials
Format:
userID:password(Base64 encoded)Example:
Authorization: Basic dXNlcklEOnBhc3N3b3Jk
Receive Access Token:
Upon successful authentication, the server returns an access token
The token has a limited validity period (default: 60 minutes)
Use Access Token:
Include the token in the Authorization header for all subsequent API requests
Format:
Authorization: Bearer {access_token}
Example Authentication Request
POST order-authentication
Host: staging.api.liquidcommerce.cloud
Authorization: Basic dXNlcklEOnBhc3N3b3Jk
Content-Type: application/jsonExample Authentication Response
{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"tokenType": "Bearer",
"expiresIn": 3600
}Token Expiration and Renewal
Access tokens expire after their designated lifetime. When a token expires, you must request a new one using your credentials. Do not store access tokens for extended periods.
Security Considerations
Never share your userID and password in client-side code
Store access tokens securely and transmit only over HTTPS
Implement token refresh logic to handle expiration during active sessions
Last updated