Authenticate Thyself!

Headers are used for authentication. The Staylists team will provide you with a username and password. You must send these in every request.

API supports two Header types. There is no benefit that we are aware of for picking one over the other. (Although you're welcome to tell us your favourite and why.) We just like to give you the choice because you may already use one of them.
  • HTNG
  • WSSE

HTNG 

<HTNGHeader xmlns='http://htng.org/1.1/Header/'>
  <From>
    <Credential>
      <userName>{username}</userName>
      <password>{password}</password>
    </Credential>
  </From>
</HTNGHeader>

WSSE

<Security xmlns='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'>
  <UsernameToken>
    <Username>{username}</Username>
    <Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText'>{password}</Password>
  </UsernameToken>
</Security>

A word of warning

Pretty line breaks may make your code more readable, but SOAP authentication headers are not the place to make your point. Keep your usernames and password wrapped tight in the XML elements and you'll save yourself a whole lot of misery.