Currently there are two API authentication systems in use at zanox. The older ERP API uses simple username/password authentication to obtain a session token, which can then be used for authorization in other methods. The Publisher, Data and Connect APIs use an OAuth-like authentication that allows publishers to easily access their own data and authorize selected 3rd party applications to use their data for value added services. As this method of authentication involves certain complexity, zanox offers client libraries that take care of generating signatures and allow developers to concentrate on business logic.
Future APIs will introduce support for fully standard OAuth 2.0, while remaining compatible with the current OAuth implementation.