Authentication

To authenticate your requests to the B-MO API, you need to include the following headers in each request:

X-Auth-ApiKey: Your API key provided by B-MO.
X-Auth-ApiSecret: Your API secret provided by B-MO.

If these headers are missing or incorrect, the API will respond with a 401 Unauthorized error, indicating that the request could not be authenticated.

Example Request

Below is an example of how to authenticate a request using these headers:

import axios from 'axios';

const apiKey = 'your-api-key';
const apiSecret = 'your-api-secret';

axios.get('https://api.bmo.example.com/v1/endpoint', {
  headers: {
    'X-Auth-ApiKey': apiKey,
    'X-Auth-ApiSecret': apiSecret
  }
})
.then(response => {
  console.log('Success:', response.data);
})
.catch(error => {
  if (error.response.status === 401) {
    console.error('Authentication failed: Invalid API key or secret.');
  } else {
    console.error('An error occurred:', error.message);
  }
});

Error Handling

If the authentication fails, you will receive a 401 Unauthorized response. Make sure to check your API key and secret to ensure they are correct. Below is an example of the error response:

{
  "status": 401,
  "error": "Unauthorized",
  "message": "Invalid API key or secret."
}

BMO Merchant Sandbox

Base URL

Authentication

Example Request

Error Handling

On this page