/token is used to authenticate API integrators for every Aeropay endpoint.
/token returns a transient JSON web token (JWT) to authorize access to the AeroPay API. Tokens last for 30 minutes and are required in the header 'authorizationToken'.
This header should look as follows: Bearer {{token}}
'scope' determines who is acting on the system. 'scope' can be merchant, user or userForMerchant (white label user), and will determine what endpoints are available.
-'merchant' scope, used for merchant calls. The id parameter is required.
-'user' scope, used for user calls. Only the api_key and api_secret are required. The api_key is the username and the api_secret is the user's password.
-'userForMerchant' scope, is used to act on behalf of users created by your merchant. An additional userId is required along with all of the merchant credentials (api_key, api_secret, id)
*NOTE: Aeropay errors come back with a 200 response, but a 'success' value of false