Onboarding
Steps
- Choose the method of access, websec/sat/cima
- Create client id(s) and secrets if required based on (1)
- Request scopes to be approved for your client ids
- Submit a request for API KEY
- You are now ready to consume the API's
Environments
GraphQL Endpoints
| Environment |
Endpoint |
| Staging |
https://xcp-sales-gateway-staging.xoe.xfinity.com/graphql |
| Production |
https://xcp-sales-gateway-prod.cws.xfinity.com/graphql |
REST API
| Environment |
Endpoint |
| Staging |
https://xcp-staging.xoe.xfinity.com |
| Production |
https://xcp-prod.xoe.xfinity.com |
Authentication
For more in depth understanding of these authentication mechanisms please refer Authentication
Scopes
Azure Auth type doesnt have scope validation at this point.
| Auth type |
Operation |
Scope |
| CIMA/SAT/Websec |
Initalize |
xcp:salescontext:create |
Below headers apply for all the variations of api invocations
| Header |
Description |
Required |
| Authorization |
Bearer Token |
Required |
| x-tracking-id |
UUID tracking id |
Required |
| partnerId |
Partner Id |
Required |
| x-account-id |
account Id |
Optional / Recommended for better tracking |
| content-type |
application/json |
Required |
| x-api-key |
API Key from XCP |
Required |