Authentication

Details on retrieving and securely managing API keys for authorized access

Since a mutually authenticated and secure channel is already established at the transport level, no additional third-party authentication headers are required. Mechanisms such as JWT, OAuth1, and OAuth2.0 are commonly used to authenticate and authorize requests. However, with mTLS in place, these methods are not necessary, as mTLS directly verifies both client and server identities.

API Key

Each request to the Verify API must include x-api-key header.

The API Key can be retrieved from the Sehaci Customer Portal. It is a Base64-encoded 32 byte value.

x-api-key: UGFnZSBub3QgZm91bmQgLVBhZ2Ugbm90IGZvdW5kIC0=

API keys should always be kept confidential.

JWT Authentication

Coming soon

PreviousOverview NextVerifications

Last updated 1 year ago