...
| Info |
|---|
| The latest versions of Meridix (3.9.0.5130 or later) support two types of API authentication; JWT and Request signing. The recommended approach is to use JWT if available. |
Option 1 - JWT - JSON Web Token support (recommended)
Meridix support JWT and a token can be created at the API endpoint located atĀ /api/auth/jwt by sending the the token and secret as a payload se below with the Content-Type header set to application/json.
...
| Info |
|---|
| Note that JWT support is only available in Meridix versionĀ 3.9.0.5130 or later. For older versions use the signature based approach. |
Since 4.0 it's also possible to use the following headers to use the token/secret directly instead of creating a JWT (Api-Token and Api-Secret). They are only supported when HTTPS is used and authenticates the request based on those two header values.
Option 2 - Creating a signed request
Meridix has a tool that can help you create the signed request:
http://lab.meridix.se/meridixwebapisign
The tool takes a URL, Token, Secret, Nonce and Timestamp and displays all the intermediate parts in the correct format (see steps below).
...