Authentication

An API Key is required to be sent as a part of every request, In the form of Basic Authentication in the request header,

API Server

Production

https://api.hentory.io

Staging

https://test.ambsuperapi.com

How Authentication Works

AMBSuperAPI uses Basic Authentication with your agent credentials. You need to:

Get your API key from the AMBSuperAPI Agent Profile Page
Encode your credentials using Base64 format: Base64(agent_username:x-api-key)
Include the encoded credentials in the Authorization header

Authorization Header Format

Authorization: Basic Base64({{ agent_username }}:{{ x-api-key }})

Example

If your agent username is agent001 and your API key is 851d8beb-2055-4107-bd77-63efd76fdead, you would:

Create the string: agent001:851d8beb-2055-4107-bd77-63efd76fdead
Encode it with Base64: YWdlbnQwMDE6c2tfbGl2ZV8xMjM0NTY3ODkwYWJjZGVm
Use it in the header: Authorization: Basic YWdlbnQwMDE6c2tfbGl2ZV8xMjM0NTY3ODkwYWJjZGVm

API Key related error response

If an API Key is missing, malformed, or invalid, you will receive a 401 Unauthorised response code and the following JSON response:

json

{
  "reqId": "edba5aca-d6d8-4e10-a55e-971cc3facb0b",
  "code": 401,
  "exception": {
    "response": {
      "statusCode": 401,
      "message": "Unauthorized. Invalid API key: 851d8beb-2055-4107-bd77-63efd76fdead",
      "error": "Unauthorized"
    },
    "status": 401,
    "message": "Unauthorized. Invalid API key: 851d8beb-2055-4107-bd77-63efd76fdead"
  },
  "message": {
    "statusCode": 401,
    "message": "Unauthorized. Invalid API key: 851d8beb-2055-4107-bd77-63efd76fdead",
    "error": "Unauthorized"
  }
}

Authentication ​

API Server ​

Production ​

Staging ​

How Authentication Works ​

Authorization Header Format ​