There are 2 options:
Fixed header
All requests made to third party servers will have the same header in the following format:
name:value
Example:
x-api-key: ‘2345fghgh5vbt45fgfgf’
The name and value can be anything the client needs.
Oauth2 token
Riskline will first make a request to a third party server to fetch a token. That token will be used for all requests until the token expires, at which moment Riskline will request a new token.
Requesting token
POST https://clienturl.com/oauth2
Body: grant_type=’client_credentials’
Headers: ‘Authorization: Basic’: base64encodedstring
The base64encoded string represents the following:
clientid:clientsecret
The two values for clientid and clientsecret are provided by the client.
Response Code: 200
Body: access_token=tokengoeshere experies_in=3600
This header will be sent as follows on all requests:
‘Authorization: Bearer’: ‘tokengoeshere’