API client requirements
Sendcloud takes your and your customer’s security seriously. Therefore, before interacting with our API, please check if your client supports the protocols and security features we require.
HTTPS (TLS)
A secure connection is enforced. Please always connect to the Sendcloud API using HTTPS. We only support TLSv1.2 and higher, as lower versions are no longer considered secure. This means that SSLv3 and SSLv2 are also not supported.
Certificate
Our certificate is signed by Amazon Root CA. Most operating systems and clients have built-in support for automatically verifying these certificates. In case yours doesn’t, you can add the AWS CA to your list of trusted Certificate Authorities (CA). Note that our API’s server certificate is rotated regularly and it is therefore not recommended to pin our certificate instead.
Supported TLS Ciphers
A cipher suite is a set of algorithms that help secure a TLS connection.
Sendcloud platform supports the following ciphers:
TLS_AES_128_GCM_SHA256TLS_AES_256_GCM_SHA384TLS_CHACHA20_POLY1305_SHA256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
HTTP version
The Sendcloud API supports both HTTP/1.1 and HTTP/2. HTTP/3 is not (yet)
supported. HTTP/1.0 is not supported.
GET requests that include a body
The Sendcloud API does not support GET requests that include a body.
If a GET request includes a body, the server will respond with HTTP status code 403 (Forbidden).
IP version
Currently our API is only available using IPv4.
