Server-to-server integration (S2S) allows your back-end servers to communicate with the iWelcome Authenticator API and initiate approval requests on behalf of your user's.

Since all our approval API requests are handled in a synchronous way (initiate the request and wait for response) and do not include additional callback mechanisms, initiating an authentication request is as simple as calling an API endpoint to generate an access token and another one to fetch the associated user information.

Since we are using this approach, iWelcome Authenticator can also be integrated with any desktop application or server-only application that can perform HTTPs calls and safely store the application's credentials (API Key).

Whenever you initiate an API call from your application to iWelcome Authenticator's API, you must include the Authorization: Bearer YOUR_API_KEY HTTP Header, so that we can validate the request.

The actual HTTP connection will contain a Transfer-Encoding: chunked HTTP header and will be kept open until a response is generated (either success or error, in the limit of 30 seconds).

Whenever iWelcome Authenticator is required to notify your application (back-end server) about an event, it will do so by executing a web-hook and signing the actual payload so that you can verify that the request is coming from iWelcome Authenticator and not from an unauthorized 3rd party.

Note: whenever your application will call the iWelcome Authenticator API, any firewall rules that your iWelcome web application might contain will be applied, possibly resulting in the rejection of the call.