Tax SPI
Authorization
Overview
Chargebee uses HTTP header-based authorization for all API endpoints related to the Service Adapter. This approach ensures secure and dynamic management of authorization credentials during API interactions.
How It Works
- The Authorization Key for API calls is dynamically passed in the HTTP header, enabling secure and seamless integration.
- This key is specified in the
[api_configuration](url)object, which is part of the JSON configuration used during onboarding in Chargebee’s marketplace. (Attach link) - During the application onboarding process in Chargebee, merchants provide the necessary authorization parameter values.
- The Chargebee application uses these values to authenticate and make API calls to the Service Adapter.
Structure of credential_configuration
- The
credential_configurationis an array of objects, where each object represents a credential parameter. - Each object includes the following attributes:
id: A unique identifier for the credential. For example,authorization_keyorclient_secret.name: A descriptive label of the credential.type:The credential type. For example,text.is_sensitive: Indicates whether the credential is sensitive.
JSON Configuration Example
Authorization Header
Below is the structure of authorization header that will be passed from Chargebee app to Service Adapter. Some of the parameters are sent by default by Chargebee as mentioned in the example below: