Authentication

Authentication of the APIs is performed using a key pair in the HTTP header (header) of the requests.

The following keys are mandatory in the API call:

CLIENT_ID:

This is the Identification of your created APP. You can found this information in your APPs list. This ID will be the same in Sandbox and Production environment.

ACCESS_TOKEN:

Access key. After you create a new APP this key is created also, an access key is generated and can be used to call the APIs in the Sandbox.


Access Key for PRODUCTION

To get a acess key for the Production environment. Your APP must first go through the Multiplus approval process. This process is not automatic and need to follow the flow of approval from our company.


OAuth

The API supports the OAuth 1.0a. Accepting parameters via the Authorization header, with the HMAC-SHA1 signature method only. There's probably already a library in your plataform. You can verify in the following site OAuth client library for more informations.