diff --git a/engines/scc_suma_api/app/controllers/scc_suma_api/scc_suma_api_controller.rb b/engines/scc_suma_api/app/controllers/scc_suma_api/scc_suma_api_controller.rb
index 5d1d844e5..14bd6c245 100644
--- a/engines/scc_suma_api/app/controllers/scc_suma_api/scc_suma_api_controller.rb
+++ b/engines/scc_suma_api/app/controllers/scc_suma_api/scc_suma_api_controller.rb
@@ -1,3 +1,4 @@
+require 'base64'
 require 'json'
 
 module SccSumaApi
@@ -33,11 +34,17 @@ def scc_client
     end
 
     def is_valid?
+      instance_data = Base64.decode64(request.headers['X-Instance-Data'].to_s)
+      product_hash = {
+        identifier: request.headers['X-INSTANCE-IDENTIFIER'],
+        version: request.headers['X-INSTANCE-VERSION'],
+        arch: request.headers['X-INSTANCE-ARCH']
+      }
       verification_provider = InstanceVerification.provider.new(
         logger,
         request,
-        params.permit(:identifier, :version, :arch, :release_type).to_h,
-        params[:metadata]
+        product_hash,
+        instance_data
       )
       raise 'Unspecified error' unless verification_provider.instance_valid?
     end
diff --git a/engines/scc_suma_api/spec/requests/scc_suma_api/scc_suma_api_controller_spec.rb b/engines/scc_suma_api/spec/requests/scc_suma_api/scc_suma_api_controller_spec.rb
index 4eb40efa8..b2cb0e13d 100644
--- a/engines/scc_suma_api/spec/requests/scc_suma_api/scc_suma_api_controller_spec.rb
+++ b/engines/scc_suma_api/spec/requests/scc_suma_api/scc_suma_api_controller_spec.rb
@@ -13,9 +13,9 @@ module SccSumaApi
       let(:product) { FactoryBot.create(:product, :product_sles_sap, :with_mirrored_repositories, :with_mirrored_extensions) }
       let(:payload) do
         {
-          identifier: product.identifier,
-          version: product.version,
-          arch: product.arch
+          'X-INSTANCE-IDENTIFIER' => product.identifier,
+          'X-INSTANCE-VERSION' => product.version,
+          'X-INSTANCE-ARCH' => product.arch
         }
       end
       let(:logger) { instance_double('RMT::Logger').as_null_object }
@@ -37,6 +37,8 @@ module SccSumaApi
               file_fixture('products/dummy_products.json'),
               Rails.root.join('tmp/unscoped_products.json')
               )
+
+            get '/api/scc/unscoped-products', headers: payload
           end
 
           after { File.delete(unscoped_file) if File.exist?(unscoped_file) }
@@ -52,7 +54,7 @@ module SccSumaApi
 
           context 'endpoints return unscoped products' do
             before do
-              get '/api/scc/unscoped-products', params: payload
+              get '/api/scc/unscoped-products', headers: payload
             end
 
             its(:code) { is_expected.to eq '200' }
@@ -71,7 +73,7 @@ module SccSumaApi
             allow(RMT::Logger).to receive(:new).and_return(logger)
             File.delete(unscoped_file) if File.exist?(unscoped_file)
 
-            get '/api/scc/unscoped-products', params: payload
+            get '/api/scc/unscoped-products', headers: payload
           end
 
           its(:code) { is_expected.to eq '200' }