Miva Merchant has a XML layer that allows you to perform any action you could do via the admin (add a product, update inventory, update tracking numbers) programmatically via XML tags. These XML tags are referred to as "Miva Provisioning". The remote provisioning module handles all the security and authentication, as well as management of the Access Tokens (API Keys). Keys can be revoked anytime and are limited by IP address for security.
Authentication to the provisioning api is performed via an access token passed through a HTTP header in the request, with the header name MMProvision-Access-Token. Any request that does not contain the MMProvision-Access-Token HTTP header, contains an invalid access token, or is sent from a machine with a non-white listed IP address, will render an Access Denied response.
All remote calls to the provisioning api should be sent as POST requests.
In addition to the MMProvision-Access-Token authentication header, the Content-Type HTTP header should be set to text/xml for all provisioning requests. This HTTP header will also be set on all provisioning responses.
Example: Content-Type: text/xml; charset=utf-8