- Security
- Get Access Token
Security
Get Access Token
Before reaching this endpoint, several preparations need to be made, including obtaining the client_id, client_secret, and api_key through the merchant dashboard. This feature utilizes Basic Authentication type to generate an access_token.
Information
| Method | Path | Format | Authentication |
|---|---|---|---|
| POST | /api/v1.0/access-token/b2b | json | Basic Auth |
Request Details
When making a request to obtain an access token using the Get Access Token endpoint, several key pieces of information are required. These details are crucial for successful authentication and access to the API resources.
Headers Structure
| Field | Value | Type | Mandatory | Length | Description | Example |
|---|---|---|---|---|---|---|
| X-PARTNER-ID | Alphanumeric | Mandatory | - | api_key (please check in merchant dashboard) | b3ed7d4b-a96c-6c08-b3c7-12c3124242d9 | |
| Accept | application/json | Alphabetic | Mandatory | - | Give back response with JSON format | |
| Authorization | Basic [base64 encoded value] | Alphanumeric | Mandatory | - | base64 encoded value = base64_encode(clientId+”:”+secretClientId) | Basic am9obkBleGFtcGxlLmNvbTphYmMxMjM= |
Body Structure
| Field | Value | Type | Mandatory | Length | Description | Example |
|---|---|---|---|---|---|---|
| grantType | client_credentials | Alphabetic | Mandatory | - | - | - |
Body Example
{
"grantType": "client_credentials"
}Response Details
The response section provides details about the response received from the server after making a request to obtain an access token using the Get Access Token endpoint. It includes information such as the HTTP status code, headers, and the body of the response. Understanding the response is crucial for handling authentication errors, successful token retrieval, and accessing API resources securely.
Response Structure
| Field | Type | Mandatory | Length | Description | Example |
|---|---|---|---|---|---|
| status | Numeric | Mandatory | 3 | HTTP Status Code | 200 |
| success | Boolean | Mandatory | 1 | Indicates if the request was successful | true |
| data | Object | Conditional | - | Contains additional data (if available) | - |
| > access_token | Alphanumeric | Mandatory | 344 | JWT Token | eyJ0eXAiOiJKV1Qi{…} |
| > token_type | Alphabetic | Mandatory | - | Type of token | Bearer |
| > expires_in | Numeric | Mandatory | - | Session duration in seconds | 3600 |
Response Example
Success: Here’s an example of a successful response.
{
"status": 200,
"success": true,
"data": {
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9{...}",
"token_type": "Bearer",
"expires_in": "3600"
}
}Error: This is an example of an unsuccessful request.
{
"status": 401,
"success": false,
"error": {
"code": 401,
"message": "Invalid credentials"
}
}