Authentication
The Pragma API uses API keys to authenticate requests. The API keys will be provided to you by Pragma Support team.
Note that API keys are live and test mode specific. A test mode API key will only return test mode data and vice versa.
Be sure to keep your API keys secure! Do not share your API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
To authenticate requests, API keys must be included in the Authorization header as a Bearer token in the format:
Authorization: Bearer {api_key_}
Unauthenticated requests will receive a 401 Unauthorized
response.
Internally, we're using three resources to authenticate and authorize requests:
Location
Location represents the source of reports for a business (such as restaurant, bar, store or anywhere a seller does business). The location is created on the first sign up of a business to Pragma.
From the API Key you provide, we can infer the location. If you have multiple locations, you will need to create multiple API keys.
API Keys
API keys are used to authenticate requests to the Pragma API.
A location can have multiple API keys. Each API key will be assigned to a consumer which will have a set of permissions associated to it.
Thanks to the API key, we can infer the location and the consumer associated to it.
Consumer
A consumer defines a third party that has access to the Pragma API. A consumer can be a developer, a 3rd party partner, or a customer.
A consumer can have multiple API keys, one for each location assigned to the consumer.
A set of permissions is associated to a consumer, similar as a role. The permissions define what the consumer can do with the API.
Example
- Location 1 has one API Key
api_key_1
which is assigned to theconsumer_1
. - Location 2 has two API Keys
api_key_2
andapi_key_3
.api_key_2
is assigned toconsumer_1
.api_key_3
is assigned toconsumer_2
.
- Location 3 has one API Key
api_key_4
which is assigned to theconsumer_2
.
By providing the right API Key :
consumer_1
has access to the Location 1 and 2,- and
consumer_2
has access to the Location 2 and 3.