Security
eCurring uses API keys as means of authentication and requires an SSL connection to guarantee security. This means the eCurring API can only be accessed through HTTPS.
End-to-end safety on the transport level is guaranteed by the SSL-requirement. There is no need to encrypt the data yourself again.
Authentication
What data do I need?
The first thing you need is an API key. You will find your API key on the "API" tab in my account
Show the API it's really you
The API key must be sent along with each API request, by providing it in the HTTP call's X-Authorization
header.
Of course it's very important to keep any API-key secure. Do not ever share them. However, if a key leaks you can ask us to regenerate it for you.
Example request with authentication
In this example we will be retrieving a single customer from the API. The data is not important, but pay attention to the headers involved in the request.
Request
GET /customers/1 HTTP/1.1
X-Authorization: 53b9e049186e04743bcdd685ea0bafbd1ff9e0c7f
Response
{
"links": {
"self": "https://api.ecurring.com/customers/1"
},
"data": {
"type": "customer",
"id": "1",
"links": {
"self": "https://api.ecurring.com/customers/1"
},
"attributes": {
"gender": "m",
"first_name": "Jeroen",
"middle_name": null,
"last_name": "van der Geer",
"bank_holder": "J. van der Geer",
"iban": "NL66ECUR0123456789",
"postalcode": "1016EE",
"house_number": "313",
"house_number_add": "",
"street": "Keizersgracht",
"city": "Amsterdam",
"country_iso2": "NL",
"email": "jvdgeer@example.com",
"telephone": "+31202616739"
},
"relationships": {
"subscriptions": {
"links": {
"related": "https://api.ecurring.com/customers/1/subscriptions"
},
"data": [
{
"type": "subscription",
"id": "1"
}
]
}
}
}
}