Authentication and Authorization

Welcome to the Authentication and Authorization guide for the WareTrack API. This article provides an overview of how to securely access and use the WareTrack API through proper authentication and authorization mechanisms.

Overview

The WareTrack API requires authentication to ensure that only authorized users can access certain endpoints. This guide covers the following aspects:

  • Authentication Methods: How to authenticate API requests.
  • Authorization: Ensuring users have appropriate permissions.
  • Security Best Practices: Tips for keeping your API interactions secure.

Authentication Methods

To access the WareTrack API, you must include a valid API key or token in your requests. The authentication process typically involves:

  1. Generating an API Key: Follow the instructions in the  Setup Guide /  Getting Started with WareTrack guide to generate your API key.

  2. Using the API Key: Include the API key in the request headers. For example:

    Authorization: Bearer <Your-API-Key>

  3. Token Expiry: API keys or tokens may have an expiry period. Refer to  SalesOrders Sales Orders for information on handling expired tokens.

Authorization

Authorization ensures that users have the right level of access to different parts of the API. WareTrack uses role-based access control to manage permissions.

  • Admin Role: Full access to all API endpoints.
  • User Role: Limited access based on assigned permissions.

For detailed information on endpoint permissions, check the  API documentation /  Endpoints Overview article.

Security Best Practices

  • Use HTTPS: Always use HTTPS to encrypt API requests and responses.
  • Regenerate API Keys Regularly: Periodically regenerate your API keys to enhance security.
  • Monitor API Usage: Keep track of your API usage and look out for any unusual activities.

Related Tables

We hope this guide helps you securely manage access to the WareTrack API. If you have any questions, don't hesitate to reach out to our support team.