Inbound requests directed to all PrimaryBid Connect API services and endpoints are governed through the following authentication methods:
- API keys - a set of credentials provided by PrimaryBid to Partners
- IP allowlisting - a list of IP addresses/ranges provided by Partners to PrimaryBid
Requests without either authentication method will result in an error.
API keys
As part of the Onboarding process, a set of API keys will be provided by your Solutions Engineer.
The following credentials are granted in string format for each API client account (Staging/Production):
- primary-bid-api-subscription
- primary-bid-api-secret
In order to interact with the API endpoints, both keys will have to be set as HTTP headers.
Refreshing keys
API keys do not rotate and are static upon creation. Please reach out to your Solutions Engineer if you would like to generate a new set of API keys.
Key errors
Incorrectly configured keys will result in the endpoint returning a 403 Forbidden error response code.
For more information please refer to Error Handling.