Authentication
This page describes the API endpoint that Partners can use to retrieve access tokens required for server-side integration.
Request access token
POST
/api/oauth/token
This API endpoint allows partners to obtain access tokens required for making subsequent API calls to interact with our system. Partners are provided with a unique Client ID and Client Secret, which are used to authenticate and authorize requests.
Headers
Accept
application/json
Content-Type
application/json
Body
grant_type
string
The authentication method of validation credentials
client_id
string
The unique Client ID provided to the partner
client_secret
string
The Client Secret associated with the Client ID
Response
Authorization Header
Partners must include the received access token in the Authorization
header for subsequent API requests as proof of identity.
Example
Security
Partners should keep their Client ID and secret secure and not expose them publicly.
Access tokens should be treated as sensitive information and securely transmitted over HTTPS.
Access tokens have a limited validity period and cannot be refreshed. Partners should request a new access token as needed to maintain access to the system.
Last updated