Skip to main content

Authentication

Inbound requests directed to all PrimaryBid Connect API services and endpoints are governed through the following authentication methods:

  • API keys - a set of credentials provided by PrimaryBid to Partners
  • IP allowlisting - a list of IP addresses/ranges provided by Partners to PrimaryBid

Requests without either authentication method will result in an error.

API keys

As part of the Onboarding process, a set of API keys will be provided by your Solutions Engineer.

The following credentials are granted in string format for each API client account (Staging/Production):

  • primary-bid-api-subscription
  • primary-bid-api-secret

In order to interact with the API endpoints, both keys will have to be set as HTTP headers.

Refreshing keys

API keys do not rotate and are static upon creation. Please reach out to your Solutions Engineer if you would like to generate a new set of API keys.

Key errors

Incorrectly configured keys will result in the endpoint returning a 403 Forbidden error response code.

For more information please refer to Error Handling.