Shipping API security authentication

How does it work?

The shipping API uses the industry standard OAuth2 verification method. This is a standard security protocol that enables a secure connection by generating a token to identify a user, which is then required in communications from the user to the system over a connection (in most cases the internet).

🚧
For the shipping API, the token generated will have a session time out of 30 minutes. After which time the user will need to either refresh their session or to generate a new token. This time out is in place to ensure increased security.

To generate a token, users will need to log on to the system using their Customer ID and their Customer Secret, for further information about these two credentials, please refer to the API Portal website.

Once you have received a security token from the system, this will need to be included in your JSON message header during your user session. If the token is not present, has timed out, or is invalid then you will not be granted permission to perform actions via the shipping API.

The token itself is a long string of randomly generated values – that can easily be copied and applied to the header in your messages.

For further information on what should be contained within the JSON file header, please refer to the Shipping API JSON formatting rules.

How does it work?

🚧For the shipping API, the token generated will have a session time out of 30 minutes. After which time the user will need to either refresh their session or to generate a new token. This time out is in place to ensure increased security.

🚧
For the shipping API, the token generated will have a session time out of 30 minutes. After which time the user will need to either refresh their session or to generate a new token. This time out is in place to ensure increased security.