Explore

Home About Pricing Studio Api Contact

Language

logo

powered by xwms

x wms

Home Home

About About

Pricing Pricing

Studio Studio

Api Api

Contact Contact

Back to overview

Support areas

Clients & API

OAuth, tokens, scopes, API access and client settings.

All topics account api authentication basic client client-credentials dashboard debugging docs domains enterprise errors frontend headers https integration json keys limits live-mode logs mobile monitoring oauth permissions plans pricing rest sdk security setup subscription support testing tokens usage web webhooks

What headers does the XWMS API require?

Most secured API endpoints require X-Client-Id, X-Client-Secret, and X-Client-Domain headers. These identify the client, authenticate the secret, and let XWMS verify that the request is coming from an allowed domain configuration.

api headers client-credentials

How does client credentials security work in XWMS?

XWMS resolves the client and domain from the request headers, verifies that the client secret is active, checks that the domain is allowed, and enforces domain settings such as active status, authentication access, API access, server IP allowlists, and test or live mode rules.

api client-credentials security

Live support

Start a conversation

Welcome back. Start a ticket or leave your question.

Start with XWMS Studio and put your business online with a modern look

User 1 User 2 User 3
20+ members

View XWMS Studio Explore Studio

logo © xwms.nl - All rights reserved.
X TikTok Instagram YouTube
XWMS
Company
Projects
Legals
powered by XWMS API