Understanding Full Permission API Key
How to make API calls using API Key and API Secret combination?
API calls can be made using the the API Key and API Secret combination. They omit all the security measure.
While making the API calls instead of passing the x-apikey header, basicAuth can be used.
Basic authentication is a simple authentication scheme built into the HTTP protocol. To use it, send your HTTP requests with an Authorization header that contains the word Basic followed by a space and a base64-encoded string api-key:api-secret
Example: Authorization: Basic ZGVtbzpwQDU1dzByZA==
Example
1
curl --location --request POST 'https://platform.nector.io/api/v2/merchant/leads' \
2
--header 'authorization: Basic ZGVtbzpwQDU1dzByZA==' \
3
--header 'x-source: <source>' \
4
--header 'Content-Type: application/json' \
5
--data-raw '{
6
"customer_id": "customer-id"
7
}'
Copied!
We strongly recommend using it only from backend servers
Copy link