Overview

When making requests to the maesn API you need to set the right request headers in order to authenticate your requests.

There are two headers that you need to set to authenticate your requests to the maesn API: X-API-KEY and X-ACCOUNT-KEY.

X-API-KEY header

For any request you make to the maesn API, this is the header that authenticates you as a user of the maesn API. Its value is the API key that you get when you sign up for an account with maesn.

Please contact us at the following link to get started. We will get in touch with you to create an account and provide you with an API key.

X-ACCOUNT-KEY header

When trying to access your end user's information in the target system, you will only be allowed to do so if the end user went through the registration flow and authenticated to the target system, and you stored the resulting account key to send in the X-ACCOUNT-KEY header with these requests.

Every account key is unique to the combination of end user and target system, so an end user may have several account keys, one for each target system they have authenticated to.

End user authentication is done through the /auth/:TARGET_SYSTEM endpoint.

curl --request GET \
  --url 'https://api.maesn.dev/auth/:TARGET_SYSTEM' \
  -H 'x-api-key: YOUR_API_KEY' \
  -H 'callbackUrl: YOUR_CALLBACK_URL'

Replace :TARGET_SYSTEM with the target system you want to authenticate to. For example, to authenticate to Xero, replace :TARGET_SYSTEM with xero.

You can send the callback URL as the callbackUrl query parameter to the /auth/:TARGET_SYSTEM endpoint. The user is redirected to this URL after the authentication flow is complete. You can also send a cancelCallbackUrl query parameter for the case where the user has to enter their API key into our submission flow and cancels it. If these values are not provided, the user is redirected to the default callback URLs that you provided when we contacted you for account creation.

This endpoint returns a URL that you need to show to the user so they can authenticate to the target system.

At the end of the flow we redirect the user back into your system, either to the callback URL you passed to the endpoint or, if you did not pass one, to the redirect URL you provided when we contacted you for account creation.

At this point you will receive an account key that you send in the X-ACCOUNT-KEY header, together with your X-API-KEY, to make API calls on behalf of the user.
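The flow above, as an added example written for this page (it is not maesn's own client code): one helper builds the GET /auth/:TARGET_SYSTEM request, and another builds the header pair for calls made on behalf of a user. The page shows callbackUrl both as a header and as a query parameter; this example sends it as a query parameter. The base URL https://api.maesn.dev and the header names come from the page; reading the keys from the MAESN_API_KEY and MAESN_ACCOUNT_KEY environment variables and restricting target system names to lowercase slugs are this example's own assumptions.

```python
import json
import os
import re
import urllib.parse
import urllib.request

BASE_URL = "https://api.maesn.dev"
# Assumption: target systems are short lowercase slugs such as "xero".
# Rejecting anything else stops a caller from splicing extra path segments
# or query strings into the auth URL.
TARGET_SYSTEM_RE = re.compile(r"^[a-z0-9_-]{1,32}$")


def auth_request(api_key, target_system, callback_url, cancel_callback_url=None):
    """Return (url, headers) for GET /auth/:TARGET_SYSTEM.

    callbackUrl (and optionally cancelCallbackUrl) go in the query string;
    the API key goes in the x-api-key header, never in the URL."""
    if not TARGET_SYSTEM_RE.match(target_system):
        raise ValueError("invalid target system name: %r" % target_system)
    params = {"callbackUrl": callback_url}
    if cancel_callback_url:
        params["cancelCallbackUrl"] = cancel_callback_url
    query = urllib.parse.urlencode(params)
    return "%s/auth/%s?%s" % (BASE_URL, target_system, query), {"x-api-key": api_key}


def api_headers(api_key, account_key):
    """Headers for a call on behalf of an end user: both keys are required."""
    if not api_key or not account_key:
        raise ValueError("both the API key and the account key must be set")
    return {"x-api-key": api_key, "x-account-key": account_key}


def get_json(url, headers):
    """Perform the GET; kept separate so the builders above can be tested offline."""
    req = urllib.request.Request(url, headers=headers, method="GET")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Keys are read from the environment so they never end up in source or logs.
    api_key = os.environ["MAESN_API_KEY"]
    url, headers = auth_request(api_key, "xero", "https://app.example.com/maesn/callback")
    print("URL to show the user:", get_json(url, headers))
    # After the user finishes the flow and you have stored their account key:
    # get_json(BASE_URL + "/...", api_headers(api_key, os.environ["MAESN_ACCOUNT_KEY"]))
```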