Everything you need to know about authentications when using Xoxoday APIs

Authentication

All requests to the Rewards API must be authenticated. This section talks about how you can create and manage tokens.

📘

Xoxoday uses the standard OAuth 2.0 protocol and RESTful API for clients to integrate Xoxoday’s marketplace.

Authentication URLs value

While getting started, you may use a Sandbox account in the staging environment. And once you've familiarized yourself with Xoxoday's APIs, you may migrate over to the production environment.

👍

Sandbox Auth URL

https://stagingstores.xoxoday.com/chef

👍

Prodcution Auth URL

https://accounts.xoxoday.com/chef

Client ID, Secret ID, and Token Creation

All requests to the Xoxoday Rewards API must be authenticated.

Xoxoday uses bearer authentication, where each request must include an HTTP header that includes your Client ID, Secret ID, and Access Token. The following guide explains how to generate your client ID, secret ID, and access tokens from the admin portal.

📘

Next Steps

Learn more about generating user tokens using the company tokens here: Generating Tokens

📘

Here's the list of API Endpoints