Before start using API, you should authenticate to create a session.
Authentication:
There are 2 ways to start the session:
- Using your API key, login and password details;
- Using your API key, login and encrypted password details.
Here you should simply use the POST /session endpoint and mention the received in the platform’s Settings API key in the X-CAP-API-KEY header, login and API key password info in the identifier and password parameters. The value of the encryptedPassword parameter should be false.
- First of all you should use the GET /session/encryptionKey and mention the generated in the platform’s Settings API key in the X-CAP-API-KEY header. As a response you will receive the encryptionKey and timeStamp parameters;
- Using the received encryptionKey and timeStamp parameters you should encrypt your API key password using the AES encryption method.
- Go to the POST /session endpoint, set true value for the encryptedPassword parameter and mention the received in the platform’s Settings API key in the X-CAP-API-KEY header, login and prior encrypted API key password info in the identifier and password parameters
Upon starting the session you will receive the CST and X-SECURITY-TOKEN parameters in the response headers. Both of these tokens are to be used in the headers of every request you are sending.