Connecting to the Content Service API

Authorization

In order to use the API, partner should include an application ID and a secret key in every request.

These credentials can be passed in as values of app_idand app_key parameters in the query string, or they can be passed via headers as x-app-id and x-app-key respectively.

NOTE: Additionally you will need to pass one of the following to properly retrieve the content for your program(s):

• brand_id (via query-string) or x-brand-id (via headers)
• prog_id (via query-string) or x-prog-id (via headers)

The brand_id is a numeric value determined by Cartera, associated with a particular brand. Within Cartera's systems, all content is connected to a brand record under the hood. In some cases, for convenience-sake, we will map a "program" to each of the brands in order to provide a human-readable way to associate the same content.

Example Authenticated Requests

From Browser

GET https://api.sandbox.cartera.com/content/v4/merchants?app_id=<appId>&app_key=<appKey>&prog_id=abc-premium

Server-to-Server

# Using query-string authentication
curl -H "Accept-Encoding: gzip,deflate" "https://api.cartera.com/content/v4/merchants?app_id=<appId>&app_key=<appKey>&prog_id=abc-premium" --compress

# Using header-based authentication
curl -H "Accept-Encoding: gzip,deflate" -H "x-app-id: <appId>" -H "x-app-key: <appKey>" -H "x-prog-id: abc-premium" "https://api.cartera.com/content/v4/merchants" --compress

It is highly recommended to use GZIP for server-to-server calls, especially for endpoints with heavier responses.

Response format

The Content Service returns data as application/json. In order to use JSONP, the consumer of the API should provide additional parameter named callback.