An API key, also called the Client ID, is a code passed in by computer programs calling an API to identify the calling program, its developer, or its user to the website. When accessing the HTML/JS sample application, sample SOAPUI project, or the test console, you must provide your API key to access resources.
You must first register for an API key (also known as a client ID) before you can use the APIs. You can use the API key to establish an access token. To obtain an API key, contact your Digital River account manager.
You can make calls from a browser by passing your API key as a query parameter. You can only use public API keys to make calls directly from a browser. The Shopper APIs support both public and private API keys. The Shopper APIs also support CORS and JSONP when making cross-domain calls from a browser. CORS supports more HTTP methods (GET, PUT, POST, DELETE) than JSONP. JSONP only supports the GET request method. However, the Digital River Connect API implementation of JSONP allows additional method types (POST, PUT, DELETE) via a query parameter. JSONP is supported on more browsers than CORS at this time. CORS is more secure than JSONP in that it provides a cross-origin data acess mechanism; whereas JSONP operates via cross-origin code injection. CORS provides for better error handling than JSONP.