2. Authentication
Overview
The first step when using Paylink API is authenticating and getting a token. The merchant's system will use this token for every endpoint call to authenticate and authorize the merchant's system.
Endpoint
POST /api/auth
Request Body Parameters
| Fields Name | Type | Description |
|---|---|---|
| apiId | String | API ID that Paylink gives. If you need the API ID, subscribe to a package that supports API. |
| secretKey | String | This secret key must be saved securely and not be exposed outside the server side of the merchant system. Paylink gives the secret key. If you need the SECRET KEY, subscribe to a package that supports API. |
| persistToken | boolean | This is a boolean value. If set to true, then the returned token is valid for 30 hours. Otherwise, the returned token will be good for 30 minutes. |
An example of the request from the Paylink Auth API is the following:
{
"apiId":"APP_ID_1123453311",
"secretKey":"0662abb5-13c7-38ab-cd12-236e58f43766",
"persistToken":"false"
}
Important Note
Ensure that you use the correct credentials to avoid any issues during the process, depending on whether you are testing or deploying your payment integration.
Success Response
If the API keys correct and the Authentication request success. The response details are as follows:
| Field Name | Type | Description |
|---|---|---|
| id_token | string | The token value. Its validation period is either 30 minutes or 30 hours. |
Example of the response:
{
"id_token": "eyJhbGciOiJIUzUxMiJ9.eyJ12JhYmR1bGVsYWguc2FyYWhAZdsasuY29tIiwiYXV0aCI6IlJPTEVfTUADFDDFDUk9MRV9NRVJDSEFOVF9BQ0NPVU5UIiwiZXhwIjoxNTk2NDQ0MzgwfQ.lNuL-87651-qnzezUaLnheW6ymryn4LlREis4lJO_WVmQtl69HPXCMHjFBuS-B7c5GyDPac_TDKM146fOZlAlA"
}
Use of the token.
When the merchant's application receives a token, the request header of any other secured endpoints must contain this token. The header format is Authorization: Bearer [TOKEN].
To try this endpoint, click here.
Updated 14 days ago