Authentication | Zippd API

The vast majority of endpoints exposed by the Zippd API will require the client to provide authentication before it will execute the request. You must send a bearer token in the header of your request for the API to be able to authenticate it.

Access

Access to our API is granted by request. You can register an account via the Zippd platform, but you’ll need to chat with one of our account managers to enable API access on the account.

Tokens

Generate

Send a POST request to the authentication endpoint to generate and retrieve a new auth token. The details required for authentication will be the account’s email and password.

Currently, auth tokens do not expire on their own.

Send

When making requets to the API, be sure to include your generated token via the Authorization header:

header: "Authorization: Bearer gwsQWq2a1QVde8Gf77aHMBIPwgtasT"

Failed Auth Limit

We implement a limit on the number of failed attempts can be made when generating an auth token.

The maximum number of failed attempts we allow is 5.

Once you have reached the maximum allowed number of attempts, further login attempts will be blocked. You will be required to speak to your account manager to arrange for login to be re-enabled.

Note that it is only logging in or authenticating that is blocked. The account itself will remain active, and no existing orders or other data will be restricted or affected.