Security
All ACP endpoints use HTTPS and receive and respond to requests with JSON. They are also signed.
Authorization is currently managed between the agent and seller directly through bearer tokens. Sellers can retrieve a token in the agents application.
Headers
Requests are made with the following headers:
| Field | Description | Example |
|---|---|---|
Authorization | Bearer token for authenticating agent or seller. | Authorization: Bearer <token> |
Content-Type | Specifies media type of the request body. | application/json |
Accept | Indicates desired media type for the response. | application/json |