Authentication is a critical part of the Hydrogen API, as it ensures that all requests made to the API are authorized and authenticated before they are processed. The Hydrogen API requires that all requests be authenticated using an API key, which is a unique identifier that is assigned to each user account.

Obtaining the Authorization Token

Gaining access to the authorization token is straightforward. Simply navigate to your Profile Settings on the merchant portal. There, you'll find the dedicated section to acquire your unique authorization token. This token will be your gateway to unlocking the full potential of Hydrogen's API securely and efficiently.

Including the Authorization Token in Your Requests

For every request you make to the Hydrogen platform, it is imperative to include the authorization token in the request header. This token acts as a digital signature, affirming the identity of the merchant and authorizing the transaction. Without it, the request will not be processed, ensuring an extra layer of security for your users and their financial data.

Required Headers for Every Request

To ensure smooth communication with the APIs, it is vital to provide the necessary headers for each request. Among these headers, the "Authorization" key stands out as a mandatory component. When crafting your HTTP requests, make sure to include the following headers:

Content-Type: application/json
Cache-Control: no-cache
authorization: <add your authorization token here>

The "Content-Type" header specifies that you are sending JSON data in your request, while "Cache-Control: no-cache" helps maintain data integrity by preventing cached responses. The crucial "authorization" header, of course, requires the inclusion of your unique authorization token to authenticate the merchant.

Understanding the Authorization Token

Delving deeper into the structure of the authorization token, it's essential to comprehend its role in request authentication. As the sole required token, this alphanumeric value acts as a secret key, verifying the legitimacy of the merchant and their API requests. Handle this token with care and ensure it is kept confidential at all times to prevent unauthorized access to sensitive financial operations.