Elastic Path Commerce for AWS Setup
Core Commerce Architecture
Cortex API Architecture
Tutorials & Code Examples
Elastic Path Production Tools
Core Commerce Release Notes
Cortex API Front-End Documentation
EP for Adobe Marketing Cloud Architecture
EP for AMC Developer Documentation
EP for AMC Release Notes
Cortex Studio
6. Configuring Trust Headers
6. Configuring Trust Headers
Cortex API requires a confidential key, a trust header, to communicate with its OAuth2 endpoint; otherwise, communications with Cortex API will fail.
To configure this trust header, you need to create two configuration files: authTrustHeader.config and authClientTrustHeader.config following the instructions below.
Configuring Shared Secret for Trusted Sources
A trust header is a confidential key an OAuth2 endpoint uses to authenticate to Cortex API's authentication endpoint. Both your OAuth2 endpoint and Cortex API's authentication endpoint must have the same trust header for authentication requests to validate.
The following steps describe how to configure the trust header for both the Cortex API's authentication endpoint and the out-of-the-box OAuth2 endpoint:
1. Create the Configuration Directory
- For Windows: C:\etc\ep\cortex\system\config
- For Linux: /etc/ep/cortex/system/config
2. Set the authentication endpoint trust header
- In your cortex/system/config directory, create a file named authTrustHeader.config.
- In authTrustHeader.config, add the following fields and define your trust header field value:
relos.trust.header.field.VALUE="<secret trust header>" relos.trust.header.field.NAME="x-ep-trust-header"
3. Set the OAuth2 endpoint trust header
- In your cortex/system/config directory, create a file named authClientTrustHeader.config.
- In authClientTrustHeader.config, add the following fields and define your trust header field value:
relos.trust.header.field.VALUE="<secret trust header>" relos.trust.header.field.NAME="x-ep-trust-header"