Authentication

The Orders API utilizes a secure encapsulated data environment that requires 2-legged authentication, which differs from the standard API key approach.

2-Legged Authentication Flow

Request Access Token:
- Send a request to the Authentication endpoint with your credentials
- Format: userID:password (Base64 encoded)
- Example: Authorization: Basic dXNlcklEOnBhc3N3b3Jk
Receive Access Token:
- Upon successful authentication, the server returns an access token
- The token has a limited validity period (default: 60 minutes)
Use Access Token:
- Include the token in the Authorization header for all subsequent API requests
- Format: Authorization: Bearer {access_token}

Example Authentication Request

POST order-authentication
Host: staging.api.liquidcommerce.cloud
Authorization: Basic dXNlcklEOnBhc3N3b3Jk
Content-Type: application/json

Example Authentication Response

{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "tokenType": "Bearer",
  "expiresIn": 3600
}

Token Expiration and Renewal

Access tokens expire after their designated lifetime. When a token expires, you must request a new one using your credentials. Do not store access tokens for extended periods.

Security Considerations

Never share your userID and password in client-side code
Store access tokens securely and transmit only over HTTPS
Implement token refresh logic to handle expiration during active sessions

PreviousOrders API NextGet Order

Last updated 2 months ago