Authentication

The Orders API utilizes a secure encapsulated data environment that requires 2-legged authentication, which differs from the standard API key approach.

2-Legged Authentication Flow

Request Access Token:
- Send a request to the Authentication endpoint with your credentials
- Format: userID:password (Base64 encoded)
- Example: Authorization: Basic dXNlcklEOnBhc3N3b3Jk
Receive Access Token:
- Upon successful authentication, the server returns an access token
- The token has a limited validity period (default: 10 minutes)
Use Access Token:
- Include the token in the Authorization header for all subsequent API requests
- Format: Authorization: Bearer {access_token}

Example Authentication Request

GET order-authentication
Host: staging.api.liquidcommerce.cloud
Authorization: Basic dXNlcklEOnBhc3N3b3Jk
Content-Type: application/json

Example Authentication Response

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "type": "ORDER_API",
  "exp": 1767009669678
}

Token Expiration and Renewal

Access tokens expire after their designated lifetime. When a token expires, you must request a new one using your credentials. Do not store access tokens for extended periods.

Security Considerations

Never share your userID and password in client-side code
Store access tokens securely and transmit only over HTTPS
Implement token refresh logic to handle expiration during active sessions

PreviousOrders API NextGet Order

Last updated 5 days ago

hashtag2-Legged Authentication Flow

hashtagExample Authentication Request

hashtagExample Authentication Response

hashtagToken Expiration and Renewal

hashtagSecurity Considerations

2-Legged Authentication Flow

Example Authentication Request

Example Authentication Response

Token Expiration and Renewal

Security Considerations