Skip to main content
Skip table of contents

3.1 Area Auth Header

Access to API requires an authorization header specific to the area. It includes area API Secret Key which get be generated from Area Settings form.

Timestamp is sent to prevent replay attacks, and request expires according to API server configuration (300 seconds).

  • Header Name: Authorization
  • Header Non encrypted prefix: TrSvcAreaAuthHeader
  • Encrypted part: <trSvcVersion>|<areaAPISecretKey>|<UTC Time>

Header string should be encrypted with symmetric AES 128-bit encryption and encoded as Base64 string, see example below.

Contact Thru Support to receive an encryption key.

Example:


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close