API Authentication

Authentication Flow

The integrator makes a call to get an authentication token.

The integrator makes calls to any of the AddonPayments API endpoint until their login token has expired.

API Authentication by oAuth2

Client Authentication

Registered OAuth applications are assigned a unique Client ID (client_id) and unique Client Secret (client_secret).

By sending the client_id and the client_secret, you are letting Sell API know which application is accessing the API. Only requests to the Authorization Server require client credentials.

To authenticate an application with the Authorization Server, use the standard Authorization header with the basic authentication scheme, where the username is the client_id and the password is the client_secret. Every request to the OAuth token endpoint requires client authentication.

Authorization: Basic Base64($CLIENT_ID:$CLIENT_SECRET)

The way to do this using a tool like curl is to use the -h or --header flag, which is used for passing authentication information in the form of client_id:client_secret. For example, the API authentication flow requires the client credentials in order to obtain an access token. The example below shows how to make the request

$ curl -v -X POST https://api.easypaymentgateway.com/epgpay-auth/login \
      --header 'Authorization: Basic Base64($CLIENT_ID:$CLIENT_SECRET)' \
      --header 'Content-Type: application/x-www-form-urlencoded' \
      --data "grant_type=client_credentials"

Response

Path	Type	Description
`jti`	String	A unique identifier for the authentication token.
`access_token`	String	The token that is used for further authentication calls to AddonPayments systems. This needs to be appended to further requests as a request header with the “Bearer” word prepended
`expires_in`	Number	The amount of time in secons the given access toke is valid for. For using the client_credentails flow like this, after this amount of time has passed, you must reauthenticate
`token_type`	String	always bearer when using client_credentials

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsib2F1dGgyLXJlc291cmNlIl0sInNjb3BlIjpbInRyYW5zYWN0aW9uLWFwaSJdLCJtZXJjaGFudF9pZCI6IjEwNDUwIiwiZXhwIjoxNjI0OTgyMjkyLCJhdXRob3JpdGllcyI6WyJJTlZfTUFOQUdFTUVOVCIsIklOVl9FTUFJTF9DT05GSUciLCJJTlZfVEVNUExBVEUiLCJJTlZfQkFUQ0giXSwianRpIjoiMTA5ZjYwZTgtZjUyMy00NDFlLTg3NzEtYjFmODVmNTk4ZTk0IiwiY2xpZW50X2lkIjoiMTA0NTAtYXF4Z0pOUWQifQ.cQQFvtbcawtVj4KiTxQnc1sHM-akltyNMb0Ghq7gOSEOyfitIF6SlMT7RoGNsU4V-hE_0h6MesgeYW6bfu2PtuM5b4ODF31TAWGU7BFp9FfsLKJev7Gswhp2zZN80kHFcGCtIQkW-sC_yb4pBiaIfdiQWqK-VDPFrvyUERxqEqF4hy6DufIf6-yWF2WuWIAqf1y5_jbSzZbh2i05UllVdEtxux1_-MXULS73YQangG6P8y6dr2jauH-raxExP733Az723juIddRfRl9cvIeFBWECF4uWHR3EyHvLTH3PqmtCTmEJvhp9h_IAbEBectBEcKIII_5DBr1gjvBvxZjeqw",
  "token_type": "bearer",
  "expires_in": 1799,
  "scope": "transaction-api",
  "merchant_id": "10450",
  "authorities": [
    "INV_MANAGEMENT",
    "INV_EMAIL_CONFIG",
    "INV_TEMPLATE",
    "INV_BATCH"
  ],
  "jti": "109f60e8-f523-441e-8771-b1f85f598e94"
}