Please note that this API works on Sandbox endpoint only.
PUBLIC=> authentication failed
ONLINE_SHOP=> authentication success
DEVICE=> authentication success
- The expected behavior of not passing any signature header is to get a 200 response with only the
rolekey populated as
- If you get a 403 or 401 error, either the signature string is malformed or the key-id is wrong or the public key has not been formatted correctly
- If you get
PUBLICas role when providing the signature header, the key-id was recognized but the signature is wrong.
If your authentication is not working and you still get
PUBLIC role, we suggest to double check both digest and signature with our tools:
Make sure that:
- You are adding all the mandatory headers
- The Request path in the (request-target) includes the QUERY PARAMS