All Release Notes

Authorization Header Usage

29 April 2019
Announcement
DeprecationSecurity

As a security improvement, on 6 May 2019 the commercetools Composable Commerce API endpoints will no longer accept access tokens as URI parameters.

All API Clients should provide access tokens using the Authorization header as follows:

POST /{{projectKey}}/channels HTTP/1.1
Host: api.{region}.{cloudProvider}.commercetools.com
Authorization: Bearer {accesstoken}
...

For more information, see: