Authentication
Barcodes and Store Locations Authentication
- The services will be hosted in an environment which is IP restricted. Only the authorized partners will have access to these services
- The payload will be encrypted in the SSL environment.
- A secret key/token will be shared between GDN and the partner. Please contact Green Dot development team for the secret key/token.
- Individual data elements like CustomerID will be sent as plain text.
Header Information
The Barcodes and Store Locations APIs use the following headers.
| Field | Required? | Description |
|---|---|---|
| x-gdn-timestamp | Yes | Timestamp in http header is using the pattern [YYYY]-[MM]-[DD]T[hh]:[mm]:[ss][time zone] that preserves time zone information and complies with ISO 8601. The time zone component is an offset from UTC (for example, +01:00, -07:00). The time zone component uses ‘Z’ (which stands for zero offset) to represent UTC. Timestamp string without time zone component is assumed to be UTC. Examples of the timestamp string are 202005-22T03:07:53Z |
| x-gdn-signature | Yes | signature of the message (see API Authentication section below |
| x-gdn-encryptiontype | Yes | 0-none, 1-Digital Signature |
| x-gdn-sessionid | No | session id of the transaction (for future use, will be empty) |
| x-gdn-messageid | Yes | unique id of the transaction |
| x-gdn-channeltype | Yes | 1-mobile, 2–web, 0-other |
| x-gdn-deviceid | No | device id of the client making the API call (for future use) |
| x-gdn-devicetype | Yes | 0-other, 1-mobile, 2-desktop |
| x-gdn-ipaddress | Yes | IP Address of the client making the API call |
| x-gdn-latitude | No | Latitude of the client device/browser making the API call |
| x-gdn-longitude | No | Longitude of the client device/browser making the API call |
| x-gdn-programnumber | Yes | Program number assigned by Green Dot |
| x-gdn-ext-programnumber | No | Ext ProgramNumberassigned by Green Dot |
Updated 28 days ago