24/7 Support: 800.608.6482

Overview

Miva Merchant has a XML layer that allows you to perform any action you could do via the admin (add a product, update inventory, update tracking numbers) programmatically via XML tags. These XML tags are referred to as "Miva Provisioning". The remote provisioning module handles all the security and authentication, as well as management of the Access Tokens (API Keys). Keys can be revoked anytime and are limited by IP address for security.

1. Remote Provisioning Settings

2. Authentication

3. HTTP Request Method

4. HTTP Headers

Remote Provisioning Settings

Authentication

Authentication to the provisioning api is performed via an access token passed through a HTTP header in the request, with the header name MMProvision-Access-Token. Any request that does not contain the MMProvision-Access-Token HTTP header, contains an invalid access token, or is sent from a machine with a non-white listed IP address, will render an Access Denied response.

HTTP Request Method

All remote calls to the provisioning api should be sent as POST requests.

HTTP Headers

In addition to the MMProvision-Access-Token authentication header, the Content-Type HTTP header should be set to text/xml for all provisioning requests. This HTTP header will also be set on all provisioning responses.

Example: Content-Type: text/xml; charset=utf-8

Looking for Developer Docs?

We have a whole section for that, including: Developer Training Series, Template Language docs, Module Development tutorials and much, much more.

Head to the Developer Section

Copyright © 1997 – 2025 Miva®, Miva Merchant®, MivaPay®, MivaCon®, Camp Miva®, Miva Connect®, Miva, Inc. All Rights Reserved.