Authenticating Luminate Online Server API calls is a two-stage process.

1. The IP address of the server invoking the API call will be checked against the list of allowed IP ranges, per the Luminate Online Site Configuration parameters.
2. If the API is being invoked from a server in the allowed IP range, then the login_name and login_password parameters will be used to authenticate with the site.
3. Each API or method may verify that the API Administrator account specified by the login_name and login_password parameters has the correct permission to access that particular API before authorizing access. See the documentation for the individual API or method for information on the necessary permissions.

If the above succeeds, the caller will be authenticated and the API call will proceed. If any of the above fail, then the call will not be authenticated and an error message will be returned.