Skip to main content
HeaderTypeRequiredDescription
AuthorizationstringRequired unless Reward-Redemption-Token is suppliedAll Thanx Loyalty API endpoints are protected and must be authorized via end user access tokens. These access tokens can be retrieved through an integration with Thanx SSO. The format of the header should be: Bearer access_token
Content-TypestringRequiredThe only accepted value is application/json
AcceptstringRequiredThe Accept header specifies which version of the Thanx API that should be used. The current version is v1 for the vendor thanx. This header is required for every request. The value should be application/vnd.thanx-v1+json. Thanx will notify you when a new API version is available.
Merchant-KeystringRequiredThe Merchant key header identifies the merchant in Thanx. The value for this key will be provided to you by Thanx.
User-AgentstringRequiredeg. {partner}/1.0.0. This value should be set to something that indicates the name of the partner. This is useful for debugging purposes.
Reward-Redemption-TokenstringOptionalToken for reward redemption.
Send Reward-Redemption-Token only for token-only redemption flows (no user Authorization Bearer). When you authenticate with a Bearer token, omit this header. If it is present, the basket call returns 404 when the merchant does not have indirect loyalty integration enabled, or 401 when the token does not resolve to a reward.