Authentication
Learn how to authenticate your requests to the maesn API
Overview
When making requests to the maesn API you need to have the right request headers set, in order to authenticate your requests.
There are two primary authentication parts of the headers that we need to set:
- X-API-KEY header
- X-ACCOUNT-KEY header
These two are needed to authenticate your requests to the maesn API.
X-API-KEY header
For any request you make into the maesn API this is the header that authenticates yourself as a user of the maesn API. This is the API key that you get when you sign up for an account with maesn.
Please contact us at the following link to get started. We will get in touch with you to create an account and provide you with an API key.
X-ACCOUNT-KEY header
When trying to access your end user’s information in the target system, you will only be allowed to do so, if the end user went through the registration flow and authenticated to the target system, and you stored the X-ACCOUNT-KEY
to use with these requests.
Every account key is unique to the end user and the target system, so an end user may have multiple of these depending on how many target systems they have authenticated to.
End user authentication is done through the /auth/:TARGET_SYSTEM
endpoint.
Replace :TARGET_SYSTEM
with the target system you want to authenticate to. For example, to authenticate to Xero, replace :TARGET_SYSTEM
with xero
.
This endpoint will give back a URL that you need to show to the user to authenticate to the target system.
At the end of the flow we redirect the user back into your system based on a redirect URL you provide when we contact you for account creation.
At this point you will receive an account token that you can use to make API calls on behalf of the user.
Was this page helpful?