Authentication
The Certisign Portal APIs authentication is carried out with the information of a Token you have to send in the header to authenticate all requests.
Getting the Token for Sandbox
Once a new subscription is created in the developer portal, a Token is generated with the access rules required to access the Sandbox API.
You can view all your Sandbox subscriptions in the Profle menu.
Getting the token for Production
When you finish testing the Sandbox and your integration is ready for Go Live, you will need a new token with the necessary access rules for the production environment.
Unlike the Sandbox environment, the generation of this new token is not performed here in the Developer Portal. See more here.
Notes: The API Token is different for your test and your production application.
Transport Protocol
For security reasons, all information passed through the APIs should be made through HTTPS protocol, which ensures a safe channel and eliminates the manually encrypted tokens. So, you can only use our API through HTTPS protocol and calls made over plain HTTP will fail.
Authentication Errors
Inexistent/wrong Token:The error 401 Unauthorized is returned.Access denied due to invalid subscription key. Make sure to provide a valid key for an active subscription.