Authentication against the Partner API uses a signature based method in order to grant access to a resource. The authentication is modeled after amazon's latest authentication iteration. The idea is that you have a public and secret key you sign the date header of your request using both the public and private key. When the request is sent we can recreate the signature server side. If it's a match then the request completes, if not you will receive and authentication error.
Look at the class located here
There are a couple things to notice about the above code. First, you are producing your auth string in JSON format with three parameters:
.
Secondly the signature is being Base64 encoded. If you are having trouble creating the signature in your language of choice you are encouraged to look at some of the example code at amazon.com or email us and we can help you calculate the signature.
Once the signature is created you would assign it to a custom header field called:
X-Xray-Authorization
You would also include the date in the header field called:
Date
Those two properly formated header fields are all that's required to authenticate with the partner API.
Once you are successfully able to authenticate requests you can begin to dig into the individual resources in more detail.
Super important. Make sure your account is authorized for access to our partner api if you suspect it may not be please email jeff@musicxray.com