| Authorization |
Bearer <Access Token>/<Refresh Token>/<OTP> |
The Authorisation header must contain either the Access Token or the Refresh Token or the One Time Passowrd (depending on the API method) to authorise the user. |
| Content-Type |
application/json |
The content type of post requests must be JSON |
| Accept |
application/json |
The content type of responses will always be JSON |
| Accept-Encoding |
gzip, deflate |
The host support gzip compress of the responses if the accept-encoding header is set in the request |
| X-Bundle-Id |
us.frollo.Frollo |
The X-Bundle-Id header is used to describe the bundle ID of the client device |
| X-Software-Version |
V1.00-B1 |
The X-Software-Version header is used to describe the version of the Frollo app on the client device |
| X-Device-Version |
IOS10.0.0 |
The X-Device-Version header is used to specify the version of the client device |
| X-Api-Version |
2.0 |
The X-Api-Version header is used to specify which version of the API the client wants to use |
| X-Background |
true |
The X-Background boolean header should be includued if the API requests are being generated by a “user not present” background task. This ensures that the requests are not registered as user activity. |
| X-User-Otp |
123456 |
The X-User-Otp header is used to allow users to retry requests that return HTTP status code 401 and error F0120 - OTP Required with a valid OTP they have received to complete the additional security check |
