HTTP Authentication / Authorization

Because Mergent allows you to set the request headers, it’s easy to use standard or custom headers per request. Some common examples:

Basic Authentication

When creating a Task, set the request headers to include {"Authorization": "Basic ..."}.

Bearer Authentication

When creating a Task, set the request headers to include {"Authorization": "Bearer ..."}.

Validating Origin Signatures

Mergent signs all Task/Schedule HTTP requests with the X-Mergent-Signature header. This signature is an HMAC-SHA1 hash of the request body signed by your project’s API key.

Mergent libraries have support for validating this signature built in.

JavaScript:

const validator = new RequestValidator("your project's API key");
validator.validateSignature("request body", "the value of X-Mergent-Signature");

Ruby:

validator = Mergent::RequestValidator.new("your project's API key")
validator.valid_signature?("request body", "the value of X-Mergent-Signature")

Was this page helpful?

Viewing Task HistoryQuotas & Limits