Authentication
Authenticating ACCESSTRADE publisher API requests involves the JWT(JSON Web Tokens) specification. The authorization HTTP header must be specified with a bearer JWT which consists of 1 JWT header property - alg
, and 2 JWT claims - sub
and iat
. The JWT has to be signed with the "secretKey"
returned in the User Provisioning API response.
alg
: the encryption algorithm must be set toHS256
sub
: the "userUid"
returned in the User Provisioning API responseiat
: an epoch time in seconds, generated on the client side
JWT Sample
JWT Header
{ "alg":"HS256" }
JWT Payload
{ "sub":"myUserUid", "iat":1477204353 }
Required Http Request Headers for API Authentication
Authorization: Bearer <signedJwtToken>
X-Accesstrade-User-Type: publisher