Guides

Access and authentication

Website personalisation: Headless API integration

Suggest Edits

All connections to the Query API must be authenticated using:

  • keys and secrets
  • IP restrictions
  • properly formatted requests

📘

Note

Ometria only supports requests made using SSL (version v1.2 or higher).

1. Authentication method

There are two methods for protecting the query endpoints:

You'll need to implement one of these methods to access your Query API endpoint.

If no method is implemented you can't access the Query API endpoint.

Basic authentication

To enable basic authentication, log into Ometria and go to: Website Personalisation > Administration > Settings > Query API Access

Toggle on Basic Authentication:

IP Restriction

To enable IP restriction, log into Ometria and go to: Website Personalisation > Administration > Settings > Query API Access

Select IP Restriction and enter your IP address:

2. Create an API key and secret combination

To create an API key for website personalisation, go to: Website Personalisation > Administration > Settings > Query API Access

📘

Note

This is a different path than Ometria's usual API key screen.

Select Add API Key:

You can create as many key-secret pairs as you need.

3. Construct request header

If you're using basic authentication then you'll need to construct a header using your authentication credentials.

Here's how:

  1. Combine your username (API key) and password (API secret) with a single colon (:).
  2. Base64 encode the combined string.
  3. Prepend "Basic" and a space to the result.

Example:

For a key f4198aa7934b402981179610e71dcdbe and a secret of AW328UXvlwqfsOkS8smjIGtxfXAqjJxD.

const key       = "f4198aa7934b402981179610e71dcdbe";
const secret    = "AW328UXvlwqfsOkS8smjIGtxfXAqjJxD";
const encoded   = btoa(`${key}:${secret}`);
// encoded output ZjQxOThhYTc5MzRiNDAyOTgxMTc5NjEwZTcxZGNkYmU6QVczMjhVWHZsd3Fmc09rUzhzbWpJR3R4ZlhBcWpKeEQ=

4. Make a request

Here's an example request using the previously encoded key and secret:

POST "https://{{domainkey}}.store-{{locationkey}}.ometria.services/api/query"
--header "Authorization: Basic ZjQxOThhYTc5MzRiNDAyOTgxMTc5NjEwZTcxZGNkYmU6QVczMjhVWHZsd3Fmc09rUzhzbWpJR3R4ZlhBcWpKeEQ="

Updated 2 days ago