Returning User
User Definition
Returning user: an Aeropay user that has previously used your platform and whose Aeropay userId you have stored in your database.
This guide assumes you have already stored the user's Aeropay
userIdfrom their initial sign-up. If you do not have auserIdon file for this user, refer to the New User guide before proceeding.
Returning users will not be sent an MFA (one-time passcode).

Basic Returning User Flow: use stored userId
Step 1 - Generate the userForMerchant Token
The POST /v2/token endpoint is used to authenticate API integrators for every Aeropay endpoint. The token scope determines who is acting on the system: merchant or userForMerchant (white labeled user). The scope will determine what endpoints are available.
All tokens have a time to live (TTL) of 30 minutes.
A
userForMerchanttoken can only be obtained after a user has been verified with your merchant. If you receive an error when fetching this token, confirm that you have calledPOST /v2/userfollowed byPOST /v2/confirmUserfor this user. Steps are outlined here.
HTTP request
Sandbox - POST https://api.sandbox-pay.aero.inc/v2/token
Production - POST https://api.aeropay.com/v2/token
Request parameters
| Parameter | Required? | Type | Description |
|---|---|---|---|
| apiKey | Yes | String | API Key or user email |
| apiSecret | Yes | String | API Secret or user password |
| scope | Yes | String | Type of token requested |
| id | Yes | String | Merchant Id |
| userId | Yes | String | Id of user |
HTTP status and error codes
| HTTP status | Error Code | Meaning | Resolution | Message |
|---|---|---|---|---|
| 400 | AP002 | API credentials are invalid | Confirm correct api key, api secret, and environment | Invalid API key or secret key |
| 400 | AP700 | Scope is invalid | User either merchant or userForMerchant scope | Invalid scope |
| 400 | AP700 | Scope is not provided | User either merchant or userForMerchant scope | Missing required Parameter: 'scope' |
| 400 | AP700 | Missing apiSecret | Make sure to define a valid string for apiSecret | Missing required Parameter: 'apiSecret' |
| 400 | AP700 | Missing apiKey | Make sure to define a valid string for apiKey | Missing required Parameter: 'apiKey' |
| 400 | AP700 | Missing userId | Make sure to define a valid userId (for userForMerchant token) | Missing required Parameter: 'userId' |
Code Example - Request
curl --request POST \
--url https://api.sandbox-pay.aero.inc/v2/token \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--data '
{
"scope": "userForMerchant",
"apiKey": "api-key-ab1341-asdflk3",
"apiSecret": "api-secret-ab1341-asdflk3",
"id": "1456",
"userId": "6b5f996a-29b3-4af7-a407-e21bd8afb847"
}
'Code Example - Response
{
"TTL": 1800,
"token": "eyJ0eXAiOiJKN7YiLCJhbGciOiJIUzI1NiJ9.eyJhdXRoIjoiNDgiLCJzdWIiOiJtZXJjaGFudCIsImp0aSI6ImZhNGY2NzRmLTJkOTEtNGExNS05OTk3LTc1NWI2ZTYyZDhkYiIsImV4cCI6MTY5NDAzNTc2MSwidXNlcm5hbWUiOiJ1cy1lYXN0LTE6M2NlMjBiZDUtNzg03ZCRMjY5LWExM2UtZmM1MzIyMTk0NTAxIn0.3B1sdyVNpTW644RtpoGmQnRlp9PKGjrk91YUi0Uq2Os"
}Step 2 -Retrieve the User Details
Aeropay recommends saving the user.id and demographic information in your own database, but the user's actively-linked bank accounts must be fetched before making a transaction. To fetch the user's linked bank accounts, use the GET /v2/bankAccounts endpoint. The GET /v2/user API can be used to fetch all relevant user information by searching on the user's Aeropay user.id.
HTTP request (bankAccounts)
Sandbox - GET https://api.sandbox-pay.aero.inc/v2/bankAccounts
Production - GET https://api.aeropay.com/v2/bankAccounts
Request parameters
This endpoint does not require query parameters. The user's bank accounts are retrieved based on the authorization token provided.
Code Example - Request
curl --request GET \
--url https://api.sandbox-pay.aero.inc/v2/bankAccounts \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--header 'authorization: Bearer {{userForMerchant token}}'Code Example - Response
{
"bankAccounts": [
{
"bankAccountId": 1139036,
"bankName": "Aerosync Bank (MFA)",
"accountLast4": "3535",
"name": "Aerosync Checking",
"isSelected": true,
"accountType": "checking",
"status": "verified",
"createdDate": "2025-12-01T18:52:37+00:00"
},
{
"bankAccountId": 1139682,
"bankName": "Aerosync Bank (oAuth)",
"accountLast4": "1329",
"name": "Aerosync Checking",
"isSelected": false,
"accountType": "checking",
"status": "verified",
"createdDate": "2025-12-11T21:50:22+00:00"
}
]
}HTTP request (user)
Sandbox - GET https://api.sandbox-pay.aero.inc/v2/user
Production - GET https://api.aeropay.com/v2/user
Code Example - Request
curl --request GET \
--url https://api.sandbox-pay.aero.inc/v2/user \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--header 'authorization: Bearer {{user or userForMerchant token}}'Code Example - Response
{
"user": {
"id": "6b5f996a-29b3-4af7-a407-e21bd8afb847",
"firstName": "John",
"lastName": "Doe",
"type": "consumer",
"email": "[email protected]",
"phoneNumber": "+11734629291",
"createdDate": "2024-12-19T17:28:14+00:00",
"userStatus": "Active"
}
}Updated 21 days ago

