Authentication


Authenticating ACCESSTRADE publisher API requests involves the JWT(JSON Web Tokens) specification. The authorization HTTP header must be specified with a bearer JWT which consists of 1 JWT header property - alg, and 2 JWT claims - sub and iat. The JWT has to be signed with the "secretKey" returned in the User Provisioning API response.


JWT Sample

  • JWT Header


{
    "alg":"HS256"
}


  • JWT Payload


{
    "sub":"myUserUid",
    "iat":1477204353
}


Required Http Request Headers for API Authentication

  • Authorization: Bearer <signedJwtToken>

  • X-Accesstrade-User-Type: publisher