DocumentationAuthorization

Authorization

This page explains how to securely connect your POS or integration to Qerko using authorization credentials.

To securely connect your POS or integration to Qerko, you must provide a Pos-Id and an API key.

How to provide them depends on your chosen interface. Instructions are provided for each parameter below.

Pos-Id

Pos-Id is a token in UUID format that identifies your integration. Qerko wants to know who is on the other side of the connection. You will receive your production Pos-Id from Qerko after your integration passes certification.

Pos-Id is not supposed to be user-configurable and should be kept reasonably secret. It will not change over time.

In the sandbox environment you can use any non-empty string as Pos-Id. This allows you to develop the integration and be able to pass the certification.

WebSocket interface

Send the Pos-Id once as part of the auth-request message.

REST API interface & Webhook interface

Send the Pos-Id as an HTTP header with every request. For example:

Pos-Id: d6d8236d-08de-478a-849c-b5084add6f25

API key

The API key is a token that identifies the restaurant. Unlike Pos-Id, this needs to be user-configurable.

You can generate your API key in Qerko’s Restaurant Admin.

Checksum

The API key has a built-in checksum so you can verify if it is valid.

WebSocket interface

Send the API key once as part of the auth-request message.

REST API interface & Webhook interface

Send the API key in the Authorization HTTP header with every request. The value should be prefixed with Bearer. For example:

Authorization: Bearer eeeu-g786-zp54-3v1c-db02-e4e1

Need help? If you get stuck or have questions, email us at techsupport@qerko.com—we’re here for you!