The EPISHIP Authentication framework provides the security layer for your integration, ensuring that only verified applications can access your shipping data and execute transactions. You can develop applications that integrate with EPISHIP to securely authenticate requests using standard Bearer tokens, protecting sensitive customer information and billing details.
View Doc →
The following figure shows the relationship between your EPISHIP app, the EPISHIP API, and the Authentication service.
Figure 1. EPISHIP API relationship diagram. Authentication architecture and request flow.
EPISHIP’s security services give administrators control over API access, allowing for the generation and management of API tokens that authorize your application to interact with the platform on behalf of your company.
The REST API that enforces security by requiring a valid Bearer token in the header of every request to a protected endpoint.
A standard HTTP requirement where the `Authorization` key is paired with the value `”Bearer {API_TOKEN}”` to validate the client’s identity before processing any data.
Specific resources within the API that contain sensitive data or trigger billable actions, marked with a “requires authentication” badge to indicate that a valid token must be present.
Users can use EPISHIP Authentication mechanisms to perform common workflows, such as:
Authentication properties and requirements available to configure through the EPISHIP API:
