Use Bearer Token authentication:

1. Generate an access token via the token endpoint using your API credentials.
2. Include it in the Authorization: Bearer <token> header for all subsequent requests.

Note: Tokens expire after 5 minutes.

These are SHA-512 hashes for enhanced security:

• requestToken: Hash of concatenated header parameters (e.g., clientId + affiliateCode + sourceCode + ...).
• secureHash: Hash of the full payload parameters + secret key.

Refer to endpoint-specific documentation for concatenation formulas.

Potential causes include:

• Missing/invalid Authorization header
• Expired access token (valid 5 minutes)
• Incorrect service code in token generation payload