The GlobalGateway API uses Basic Authentication for access control. Basic Authentication uses standard fields in the HTTPS request header to avoid the need for handshakes. This Authorization header is constructed by the following process:

  • Username and password are combined into a string username:password
  • The resulting string is encoded using the RFC2045-MIME variant of Base64, except without the 76 char per line limitation. This encoded string will be referred to simply as ACCESS_TOKEN in examples.
  • The authorization method and a space, in this case "Basic ", is then put before the encoded string, so the resulting header is "Authorization: Basic ACCESS_TOKEN"

Many tools and technologies, such as SOAPUI, Postman, HTTP client libraries in most programming languages, or our own SDKs, will do the encoding work for you, requiring you to simply provide the username and password.

See the Test Authentication documentation for full examples.