Authentication
All API requests require a Bearer Token in the Authorization header.
Token Format
Your bearer token is a Base64-encoded string containing your API token and tenant ID separated by a colon:
Base64("{your-api-token}:{your-tenant-id}")
your-api-token— The API token issued to you via the CloudESD portalyour-tenant-id— Your tenant GUID (provided at onboarding)
Header Format
Authorization: Bearer <base64-encoded-token>
Example
If your token is abc123 and your tenant ID is 550e8400-e29b-41d4-a716-446655440000:
Raw: abc123:550e8400-e29b-41d4-a716-446655440000
Base64: YWJjMTIzOjU1MGU4NDAwLWUyOWItNDFkNC1hNzE2LTQ0NjY1NTQ0MDAwMA==
Authorization: Bearer YWJjMTIzOjU1MGU4NDAwLWUyOWItNDFkNC1hNzE2LTQ0NjY1NTQ0MDAwMA==
Authentication Errors
| Status Code | Reason |
|---|---|
401 Unauthorized | Missing or malformed Authorization header, invalid token, or expired token |
403 Forbidden | Tenant account is suspended |
Bearer Token Cashier Default
A bearer token can optionally have a default cashier name configured. When set, this overrides any Cashier value submitted in the receipt request. This is useful for POS systems where each terminal has its own token.