We chose a simple security model for our services in order to allow the widest range of languages and frameworks to call them.
All service URLs are HTTPS only. If you attempt to use HTTP, you will receive a 404-NotFound error.
Every service URL is secured with Basic Auth. You will need to request an account name and token before making any service calls. Without a valid token you will receive a 401-Unauthorized error. Each version of each service is secured with a unique role. Your token may or may not be granted all roles.
Roles to other services will be granted based on requirements and business need. At a minimum you will most likely have access to /status/ping/1.0.
Please feel free to contact us if you have any questions or concerns.
