Last update:
August 26, 2024
Virto Commerce Security¶
There are many aspects of security in Virto Platform and Web API. We will, however, be focusing on the core topics, such as authentication, authorization, and some best practices you might want to follow.
Note
There has been much confusion in what the difference between authentication and authorization is. In fact, this is very simple:
-
Authentication refers to verifying who you are, i.e. providing your credentials (username and password).
-
Authorization refers to what you can do, e.g., access, edit, or delete permissions for documents; you can get authorized to do something only once the authentication is complete.