Authentication and Authorization

View API Docs

Authentication

When calling APIs, participants must authenticate their identity using Basic Authentication by passing their URM username and password.

These credentials are provided by your company’s Participant Administrator (PA) and encoded into a Base64 authorization token. You can use tools like Postman to generate this token.

Provide credentials in the following format for encoding:

username:password

After base64-encoding the string, you add it to the Authorization header:

Authorization: Basic {Base64 hash of username:password}

Authorization

To access APIs, Participant Administrators (PAs) must assign the appropriate rights to participant users in the MSATS Maintain Rights interface.

For example, the entity required for the Generator Recall APIs is:

  • EMMS - Offers and Submissions - Generator Recall

For help, see Guide to User Rights Management.