Authenticate

The POS API controls access with an Identity and Key provided to registered consumers of the API. A short-lived token is generated using the Identity and Key and all subsequent API calls require the token to succeed. This endpoint provides the ability to submit an Identity and Key, and receive an authentication token in response. The token will expire after 24 hours, and thus it is a good idea to renew it once every 23 hours to avoid any failed requests.

Authenticated endpoints may reject an auth token. If this occurs, the integration should re-authenticate and attempt the request using a fresh authentication token.

Headers
  • X-Auth-Identity
    Type: string

    The API identity to authenticate with.

  • X-Auth-Key
    Type: string

    The API key to authenticate with.

Responses
  • 401

    Unauthorized - Authentication credentials were rejected.

Request Example for get/auth
curl https://posapi-staging.sparkfly.com/auth \
  --header 'X-Auth-Identity: ' \
  --header 'X-Auth-Key: '
No Body

Authentication succeeded. Authentication token supplied in response headers.