Authorization

In order to enhance the security of the payment process, every merchant is required to be authorized to the system. This can be achieved by the merchant making a call to a POST API endpoint and providing his username and password. With successful authorization, the merchant is presented with a JWT-token. This received token will be the merchant's pass until the access token runs out. When that happens, the merchant can request a new JWT-token by sending a refresh token to the designated API endpoint.

POST https://{auth-api-base-url}/api/v1/login
- Description: Authorizes the merchant with their username and password.
- Request:
  { "username": "string", "password": "string" }
- Response:
  { "username": "string", "accessToken": "string", "refreshToken": "string", "accessTokenExpiryUtc": "DateTime", "refreshTokenExpiryUtc": "DateTime", "roles": [ "string" ] }
- Error Response:
  { "message": "string" }

Refresh Token

POST https://{auth-api-base-url}/api/v1/refresh-token
- Description: Refreshes merchant's token.
- Request:
  { "refreshToken": "string" }
- Response:
  { "username": "string", "accessToken": "string", "refreshToken": "string", "accessTokenExpiryUtc": "DateTime", "refreshTokenExpiryUtc": "DateTime", "roles": [ "string" ] }
- Error Response:
  { "message": "string" }

Last modified: 03 September 2024

Authorization

Login

Refresh Token