Before start using API, you should authenticate to create a session.
Authentication:
There are 2 ways to start the session:
- Using your API key, login and password details;
- Using your API key, login and encrypted password details.
Using your API key, login and password details
Here you should simply use the POST /session endpoint and mention the received in the platform’s Settings API key in the X-CAP-API-KEY header, login and API key password info in the identifier and password parameters. The value of the encryptedPassword parameter should be false.
Using your API key, login and encrypted password details
- First of all you should use the GET /session/encryptionKey and mention the generated in the platform’s Settings API key in the X-CAP-API-KEY header. As a response you will receive the encryptionKey and timeStamp parameters;
- Using the received encryptionKey and timeStamp parameters you should encrypt your API key password using the AES encryption method.
- Go to the POST /session endpoint, set true value for the encryptedPassword parameter and mention the received in the platform’s Settings API key in the X-CAP-API-KEY header, login and prior encrypted API key password info in the identifier and password parameters
Upon starting the session you will receive the CST and X-SECURITY-TOKEN parameters in the response headers. Both of these tokens are to be used in the headers of every request you are sending.