**Last updated**: 22 April 2025 | [**Change log**](/products/3ds/changelog/)

# Get started

Verify your customer's identity simply and seamlessly to minimize fraud. Use our strong customer authentication to benefit from liability shift.

Note
Make yourself familiar with our [API Principles](/products/reference/api-principles) to ensure a resilient integration.

## Set your headers

Setting your headers is an important part of an API request. The headers represent the meta-data associated with your API request.


```
Authorization: {your_credentials}
Content-Type: application/vnd.worldpay.verifications.customers-v3.hal+json
Accept: application/vnd.worldpay.verifications.customers-v3.hal+json
```

| Header | Description |
|  --- | --- |
| `Authorization` | The `Authorization` header is used for authentication and identification of our merchants within Access Worldpay. You **must** use the `Authorization` header for any request you send to our 3DS API. |
| `Content-Type` | The `Content-Type` header is required if the request you're sending includes a request body, and if the HTTP method is a `POST` or a `PUT`. |
| `Accept` | The `Accept` header is used to identify which version of our 3DS API you are using. You **must** use the `Accept` header for any request you send to our 3DS API. |


If you're using both the `Content-Type` and `Accept` headers, they must match.

Note
Replace `{your_credentials}` with your base64-encoded Basic Auth username and password. To get your Access Worldpay credentials contact your Worldpay Implementation Manager.

## DNS whitelisting

Whitelist the following URLs:

* `https://try.access.worldpay-bsh.securedataplatform.com/`
* `https://access.worldpay-bsh.securedataplatform.com/`


Please ensure you use DNS whitelisting not explicit IP whitelisting.

### Link caching

Note
When you make a request within Access Worldpay, you should always cache the response returned.

**Next steps**

[Device Data](/products/3ds/web/device-data)