The Magic API uses Basic authentication, a simple method for an HTTP user agent to provide a user name and password when making a request.

In basic HTTP authentication, a request contains a header field in the form of Authorization: Basic , where credentials is the Base64 encoding of ID and password joined by a single colon :

All API endpoints require this form of authentication. Failure to correctly authenticate an API request will result in a "401 Unauthorized" response.

Consider the following example.

Merchant TokenSecret Key

The Authorization header can then be formed by including the word Basic, followed by the base 64 string of "Demo:test"

Final result
Authorization: Basic ZGVtbzp0ZXN0