Authentication
For authentication we use OAuth2 and the client credentials flow.
| Environment | Base URL |
|---|---|
| Test | https://auth.test.24sevenpay.net |
| Production | https://auth.24sevenpay.net |
tip
A complete overview of OAuth2 endpoints, supported scopes and claims can be found at https://{baseURL}/.well-known/openid-configuration
Example
The following is an example request for obtaining a token.
POST /token HTTP/1.1
Host: {base URL}
grant_type=client_credentials
&client_id=xxxxxxxxxx
&client_secret=xxxxxxxxxx
&scope=merchant
A successful token response may look like this:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache
{
"access_token":"MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3",
"token_type":"bearer",
"expires_in":3600,
"refresh_token":"IwOGYzYTlmM2YxOTQ5MGE3YmNmMDFkNTVk",
"scope":"merchant"
}
info
When autenticating as a merchant you use merchant id as client_id and your API key as client_secret.