Authorization Headers, Organization Secret, and User Secret

Authenticate your account by including your User Secret and either your Organization Secret, Connector Instance Token, or both in the Authorization header of API requests. 

Always refer to the Authorization parameters of the API docs for each request, but in general:

  • Platform API Requests: Include the User Secret and Organization Secret.
  • Connector API Requests: Include the User Secret and Connector Instance Token.
  • Some API requests require all three.

Pass the authorization parameters as part of an Authorization parameter, for example:

curl -X GET \ \
  -H 'Content-Type: application/json'

When you create an account with us, we assign you an Organization Secret and a User Secret. An Organization is a customer account of Axway (/organizations), while a user (/user) is an individual within an organization. The User and Organization secrets represent your account with Axway AMPLIFY.

Finding Your Secrets and Token

To find your Organization and User Secret open the profile menu on the lower left side of the page.

To find your Connector Instance Token:

  • Go to the Instances page and look at the Token column.
  • Navigate to the connector card, and then click View Token.
  • Make a GET /instances or GET /instances/{id} request and look for token in the response.

Related Links