Developer Hub

Our comprehensive guides and documentation will help you to start working with Minna's subscription management services.

Get Started    

API security

This section describes security mechanisms used to protect the integration between you and Minna.

Authentication

All endpoints require the HTTP Authorization header, which are to include an access token. In the getting started with authentication guide you can read about how to set this up and get access to Minna's system. The authentication builds on OAuth2.0. In order to use our products you are required to follow the steps described in the guide.

We do not require any additional security mechanism other than the authentication. However, we highly recommend to also set up either mutual TLS or IP whitelisting. To get advice, or enable any of the mentioned security mechanisms, reach out to us.

Mutual TLS

Minna offers the possibility to enable mutual TLS (mTLS) between you as a client, and Minna as a server, in addition to the required authentication. This means that you as a client will trust Minna's server certificate and Minna as a server will require your client certificate.

IP whitelisting

Minna offers the possibility to enable on top of the mandatory authentication. We configure our servers to only allow requests from your IP addresses.

Updated 10 months ago



API security


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.