GoMake

Gomake API

Authentication

Learn how to authenticate your API requests

Overview

All API endpoints require authentication using the clientId and clientSecret obtained when creating an API token. These credentials are exchanged for a Cognito JWT, which is then used to authenticate requests to the backend services.

Custom Headers

Include your API token credentials in custom HTTP headers:

Required Headers:
  • X-Client-Id: Your API token client ID
  • X-Client-Secret: Your API token client secret

Example Request

curl -X POST https://api.gomake.net/api/sales-orders/create \
  -H "Content-Type: application/json" \
  -H "X-Client-Id: your-client-id-here" \
  -H "X-Client-Secret: your-client-secret-here" \
  -d '{
    "customerId": "123e4567-e89b-12d3-a456-426614174000",
    "items": [
      {
        "productId": "123e4567-e89b-12d3-a456-426614174001",
        "quantity": 10,
        "price": 99.99
      }
    ]
  }'

JavaScript Example

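// Run this server-side (for example Node.js 18+, which provides fetch()).
// A clientSecret shipped in browser code is readable by every visitor.
fetch('https://api.gomake.net/api/sales-orders/create', {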
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'X-Client-Id': 'your-client-id-here',
    'X-Client-Secret': 'your-client-secret-here'
  },
  body: JSON.stringify({
    customerId: '123e4567-e89b-12d3-a456-426614174000',
    items: [
      {
        productId: '123e4567-e89b-12d3-a456-426614174001',
        quantity: 10,
        price: 99.99
      }
    ]
  })
})
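.then(response => {
  // Surface HTTP errors instead of treating an error body as a result.
  if (!response.ok) {
    throw new Error(`Request failed with HTTP ${response.status}`);
  }
  return response.json();
})
.then(data => console.log(data))
.catch(error => console.error(error));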

Getting Your Credentials

To obtain your clientId and clientSecret:

  1. Log in to the GoMake dashboard
  2. Navigate to Settings → API Tokens
  3. Click Create Token and fill in the required information
  4. Save your clientId and clientSecret securely

⚠️ Important:

The clientSecret is only shown once when you create the token. Make sure to save it securely. If you lose it, you'll need to create a new API token.
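
One way to handle the saved credentials on the calling side, as an added example that is not GoMake's own code: it reads them from environment variables (GOMAKE_CLIENT_ID and GOMAKE_CLIENT_SECRET are assumed names), only attaches them to requests for the HTTPS API host shown on this page, and redacts the secret before headers are logged. All function names are hypothetical.

```javascript
// Added example, not GoMake's code. Env var and function names are assumptions;
// the host, path and header names are the ones shown on this page.
const API_ORIGIN = 'https://api.gomake.net';
const SECRET_HEADERS = new Set(['x-client-secret']);

// Read credentials from the environment so they never live in source control.
function loadCredentials(env = process.env) {
  const clientId = env.GOMAKE_CLIENT_ID;
  const clientSecret = env.GOMAKE_CLIENT_SECRET;
  if (!clientId || !clientSecret) {
    throw new Error('GOMAKE_CLIENT_ID and GOMAKE_CLIENT_SECRET must be set');
  }
  return { clientId, clientSecret };
}

// Build fetch() arguments. The secret travels in a header on every call,
// so refuse any URL that is not HTTPS on the expected API host.
function buildRequest(path, payload, creds) {
  const url = new URL(path, API_ORIGIN);
  if (url.origin !== API_ORIGIN) {
    throw new Error(`refusing to send credentials to ${url.origin}`);
  }
  return {
    url: url.href,
    init: {
      method: 'POST',
      redirect: 'error', // a redirect must not carry the secret header elsewhere
      headers: {
        'Content-Type': 'application/json',
        'X-Client-Id': creds.clientId,
        'X-Client-Secret': creds.clientSecret,
      },
      body: JSON.stringify(payload),
    },
  };
}

// Copy of the headers that is safe to write to logs.
function redactHeaders(headers) {
  return Object.fromEntries(Object.entries(headers).map(
    ([k, v]) => [k, SECRET_HEADERS.has(k.toLowerCase()) ? '[REDACTED]' : v]));
}

async function createSalesOrder(order, creds = loadCredentials()) {
  const { url, init } = buildRequest('/api/sales-orders/create', order, creds);
  const res = await fetch(url, init);
  if (!res.ok) throw new Error(`GoMake API returned HTTP ${res.status}`);
  return res.json();
}
```

Log `redactHeaders(init.headers)` rather than the raw headers when debugging failed requests.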

How Authentication Works

When you make an API request with your credentials:

  1. The API Gateway receives your clientId and clientSecret
  2. It exchanges them with AWS Cognito for a JWT access token using the OAuth2 Client Credentials flow
  3. The JWT token is validated and API token metadata is retrieved from the database
  4. The request is proxied to the backend service with the JWT token in the Authorization header