We’ve developed some resources to help you work effectively from home during COVID-19 Click to learn more

Authorization header types

In this article

    Your application needs to provide one of the following authorization header types when accessing our APIs. Choose either SOTicket or Bearer.

    SOTicket authentication

    Content: Authorization header with the SuperOffice SOTICKET token, and SO-AppToken header:

    Example: 

    GET /Cust12345/api/v1/MDOList/category?flat=True HTTP/1.1
    Host: sod.superoffice.com
    accept: application/json
    accept-language: en
    Authorization: SOTICKET 7T:MAA3AGYA...MgA2ADcANQA5AA==
    SO-AppToken: f2398a3a7wer3759d4b220e9a9c94321

     

    Bearer authentication

    Content:  Authorization header containing Bearer and access token from SuperID

    Example:

    GET /Cust12345/api/v1/MDOList/category?flat=True HTTP/1.1
    Host: sod.superoffice.com
    accept: application/json
    accept-language: en
    Authorization: Bearer 8A:Cust12345.AGYA...MgA2ADcANQA5AA==

    Available only to SuperOffice CRM Online. Not supported for onsite.