Integration

Our API supports sending messages via HTTP. You can send a POST request containing a JSON body.

Authentication

The authentication consists of two parts: the application identifier and authentication with a JWT Token.

One JWT Token give you the possibility to retrieve information for scan user order.

The JWT Token can be requested with a combination of the username and the password.

The required header X-DEVICE-INFO and the JWT Secret will be provided by your account manager, or you can request one via [email protected].

Encryption

Communication with the CM servers should be done using the TLS cryptographic protocol, version 1.2 or higher.
Older security protocols such as TLSv1.0, TLSv1.1 and SSLv3 are not supported.

Cross-Site Scripting (XSS)

On our API, Cross-Site Scripting (XSS) protection is enabled. XSS enables attackers to inject client-side scripts into web pages viewed by other users.

To protect your web application, and our API we disabled the option to make direct request from a web application.