Authorization
This page explains how to securely connect your POS or integration to Qerko using authorization credentials.
To securely connect your POS or integration to Qerko, you must provide a Pos-Id and an API key.
How to provide them depends on your chosen interface. Instructions are provided for each parameter below.
Pos-Id
Pos-Id is a token in UUID format that identifies your integration. Qerko wants to know who is on the other side of the connection. You will receive your production Pos-Id from Qerko after your integration passes certification.
Pos-Id is not supposed to be user-configurable and should be kept reasonably secret. It will not change over time.
In the sandbox environment you can use any non-empty string as Pos-Id. This allows you to develop the integration and be able to pass the certification.
WebSocket interface
Send the Pos-Id once as part of the auth-request message.
REST API interface & Webhook interface
Send the Pos-Id as an HTTP header with every request. For example:
Pos-Id: d6d8236d-08de-478a-849c-b5084add6f25
API key
The API key is a token that identifies the restaurant. Unlike Pos-Id, this needs to be user-configurable.
You can generate your API key in Qerko’s Restaurant Admin.
Checksum
The API key has a built-in checksum so you can verify if it is valid.
WebSocket interface
Send the API key once as part of the auth-request message.
REST API interface & Webhook interface
Send the API key in the Authorization HTTP header with every request. The value should be prefixed with Bearer. For example:
Authorization: Bearer eeeu-g786-zp54-3v1c-db02-e4e1
Need help? If you get stuck or have questions, email us at techsupport@qerko.com—we’re here for you!