How can I get CST and X-SECURITY-TOKEN parameters?

  • Created

Before start using API, you should authenticate to create a session.
Authentication:
There are 2 ways to start the session:

  • Using your API key, login and password details;
  • Using your API key, login and encrypted password details.
  1. API key, login and password details. The value of the encryptionKey parameter in the POST /session endpoint = false
    - Here you should simply use the POST /session endpoint and mention the received in the platform’s Settings API key in the X-CAP-API-KEY header, login and password info in the identifier and password parameters.
  2. API key, login and encrypted password details. The value of the encryptionKey parameter in the POST /session endpoint = true
    - First of all you should use the GET /session/encryptionKey and mention the generated in the platform’s Settings API key in the X-CAP-API-KEY header. As a response you will receive the encryptionKey and timestamp parameters;
    - Using the received encryptionKey and timestamp parameters you should encrypt your password using the AES encryption method.
    - Go to the POST /session endpoint, set true value for the encryptionKey parameter and mention the received in the platform’s Settings API key in the X-CAP-API-KEY header, login and prior encrypted password info in the identifier and password parameters.

Upon starting the session you will receive the CST and X-SECURITY-TOKEN parameters in the response headers. Both of these tokens are to be used in the headers of every request you are sending.

Was this article helpful?

0 out of 0 found this helpful