Technical and Security Aspects

Authentication

The Support Ticket API requires you to authenticate with the email and password of a user account created on the Merchant Panel. Once you request to authenticate to the Login Endpoint, we will respond with a cookie called BEARER_TOKEN containing a token you have to use in the next API calls to remain authenticated.

BEARER_TOKEN cookie

Upon successful authentication, the response will include a header field named Set-Cookie. This particular field will carry a cookie labeled as BEARER_TOKEN that has to be sent back to the server in all the following requests to stay logged in.

Example of a cookie in the header with the BEARER_TOKEN value:

cookie: BEARER_TOKEN=U3dcUx8IRJ5nLjb0WYM4cHa3qHFqnrqAk

To send requests, ensure you include the BEARER_TOKEN obtained from the Login Endpoint in the Authentication header field of the requests. You can use it in the following ways:

As part of the header:

Authorization: Bearer U3dcUx8IRJ5nLjb0WYM4cHa3qHFqnrqAk

Or as a cookie:

cookie: BEARER_TOKEN=U3dcUx8IRJ5nLjb0WYM4cHa3qHFqnrqAk

See this page to learn more about cookies.

Secure Connections

All the communications between you and the Merchants API has to be performed through secure connections over HTTPS.

Switching Between MIDs

In cases where a user needs to manage tickets from more than one MID, the Switch Context endpoint allows you to switch effortlessly between MIDs irrespective of the number of MIDs the user account belongs to.

If switched from MID A to MID B, note that all responses from other endpoints will operate under MID B.

Document Types

When attaching documents to a ticket, you must specify the document type. The following types are accepted: