Technical guides
Headers (Token-based)
This page covers the web-store access token authentication flow. This approach eliminates the need to store customer credentials and simplifies token management.
Why this flow
The access token generated in the HLC web store lets you authenticate without storing usernames/passwords. It’s ideal for server‑to‑server integrations and background jobs.
Use case: A dealer portal uses a single access token for nightly catalog syncs and inventory refreshes.
Required headers
| Header | Required | Notes |
|---|---|---|
| ApiKey | Yes | Access token from the web store |
| language | No | en or fr |
| callerName | No | App identifier |
Example request
const baseUrl = 'https://api.hlc.bike/us/v3.0'
const apiKey = process.env.HLC_API_KEY
const res = await fetch(`${baseUrl}/Catalog/Brands`, {
headers: {
ApiKey: apiKey,
language: 'en',
callerName: 'headers-token-flow',
},
})
const brands = await res.json()
Tip
Store the access token in a secrets manager and rotate it on a schedule.