Authorization

The Sovrn Commerce APIs require an Authorization header to be added to each request. This ensures not only that we keep our data secure, but also that the correct information is returned for your account.

For each request the Secret Key for the site you are enquiring about must be used. There will be different secret keys for different sites within the same account.

Getting the Secret Key for your site

To find the secret key for a site

  • Log into the Sovrn Platform
  • Go to Commerce Settings
  • Under actions, click on the Key to view the API keys for that site
  • If no secret key have been created, click on "generate secret key"

The secret key is like a password and should not be shared. If you believe your secret key has been compromised please click on the "regenerate" link in the same screen above to invalidate the previous secret key and create a new one.

Note: By regenerating your secret key, all API calls that use the existing secret key will stop working until updated with the newly generated key.

Adding Authorization to your API call

To pass the Authorization details of your Secret Key to the API it must be added as an Authorization header. The value of the header is

secret {SECRET KEY}

Please ensure that the word "secret" is included as text, plus a space, before passing the value of your Secret Key.