Authentication
Every smallcase Gateway API request should include API secret & user auth token as request headers
Authentication
Request header: x-gateway-secret
x-gateway-secretEvery smallcase Gateway API request should include API secret as a request header. smallcase Gateway requires the value to be keyed as x-gateway-secret. It is evident in the API documentation.
User identification
Request header: x-gateway-authtoken
x-gateway-authtokenThere are certain APIs which requires user identification as a part of it. For example - Fetching historical orders of a user, and fetching stocks & ETF holdings of the user.
For correctly identifying the user (guest or connected), every smallcase Gateway API should include User's auth token as a request header. smallcase Gateway requires the value to be keyed as x-gateway-authtoken.
All requests MUST pass these custom HTTP headers containing API secret & Auth token:
x-gateway-secret: API_SECRET_KEY
x-gateway-authtoken: USER_AUTH_TOKEN
Updated almost 2 years ago
All good, so far? Let's look into the API reference next -