Step 1 - Authentication
Authenticate Merchant & Fetch Token
The POST /token
endpoint is used to authenticate API integrators for every Aeropay endpoint. The token scope determines who is acting on the system: merchant, user, or userForMerchant (white labeled user). The scope will determine what endpoints are available.
All tokens have a time to live (TTL) of 30 minutes.
Step 1A - Generate the Token
HTTP request
Sandbox - POST https://staging-api.aeropay.com/token
Production - POST https://api.aeropay.com/token
Request parameters
Parameter | Required? | Type | Description |
---|---|---|---|
api_key | Yes | String | API Key or user email |
api_secret | Yes | String | API Secret or user password |
scope | Yes | String | Type of token requested |
id | Only for merchant & userForMerchant scope | String | Merchant Id |
userId | Only for userForMerchant scope | String | Id of user |
HTTP status and error codes
HTTP status | Error Code | Meaning | Resolution | Message |
---|---|---|---|---|
200 | AP002 | API credentials are invalid | Confirm correct api key, api secret, and environment | Invalid API key or secret key |
200 | AP700 | Missing request parameter | Add missing parameter | Missing required Parameter: 'userId' |
Code Example - Request
curl --request POST \
--url https://staging-api.aeropay.com/token \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--data '
{
"scope": "merchant",
"api_key": "api-key-ab1341-asdflk3",
"api_secret": "api-secret-ab1341-asdflk3",
"id": "1456"
}
'
Code Example - Response
{
"TTL": 1800,
"token": "eyJ0eXAiOiJKN7YiLCJhbGciOiJIUzI1NiJ9.eyJhdXRoIjoiNDgiLCJzdWIiOiJtZXJjaGFudCIsImp0aSI6ImZhNGY2NzRmLTJkOTEtNGExNS05OTk3LTc1NWI2ZTYyZDhkYiIsImV4cCI6MTY5NDAzNTc2MSwidXNlcm5hbWUiOiJ1cy1lYXN0LTE6M2NlMjBiZDUtNzg03ZCRMjY5LWExM2UtZmM1MzIyMTk0NTAxIn0.3B1sdyVNpTW644RtpoGmQnRlp9PKGjrk91YUi0Uq2Os"
}
Your client_secret should be kept a secret!
Be sure to store your client credentials securely.
Updated about 1 year ago