Authorization and Data Security

Your 'app' and its API Key will be tied to one or more of the following pieces of information:

  • Alliance Code
  • Partner Code
  • Merchant ID

The information assigned to your key will restrict what data and operations you have access to via the API, and this usually forms a hierarchy from parent to child (Alliance > Partner(s) > Merchant(s)).

For example if your API Key was tied to an Alliance code and Partner code, but not a specific Merchant ID, you would have some flexibility on filtering data across multiple merchant IDs (using the Merchant-Id header).

Please see the documentation for the specific API / endpoint you are using for more detail on how this works.

Want a quick overview?