API Access Token - via Username and Password
This service has the function of generating an "Access Token" which will allow to generate a unique code "Nonce" for the Flex Form or to consume directly the APIs.
Environment | EndPoint | Method |
Development | POST | |
Pre-Production | POST | |
Production | POST |
Headers
Header | Value | Required |
Content-Type | application/json | Yes |
ALG-API-VERSION | API version to be used. Available values: 1618440906 | Yes |
"Content-Type":"application/json",
"ALG-API-VERSION":"1618440906",
Request
Parameter | Type | Long. | Description | Req. |
action | String | - | The intent of the merchant. In this case it is "authorize". | Yes |
grant_type | String | - | Type of request. In this case "password". | Yes |
client_id | String (AN) | 100 | ID assigned to the merchant. Value provided by Pay-me. | Yes |
client_secret | String (AN) | 100 | Secret assigned to merchant. Value provided by Pay-me. | Yes |
audience | String | - | Unique identifier of the APIs Tokens and Charges to which access is requested. Available values: | Yes |
username | String (AN) | 100 | User of the merchant requesting access. Value provided by Pay-me. | No |
password | String (AN) | 100 | Password of the merchant requesting access. Value provided by Pay-me. | No |
scope | String | - | List of permissions you want to have with the Access Token. Values must be separated by space. Available values: create:token post:charges delete:charges offline_access (if sent, a Refresh Token is returned in the response.) | Yes |
{
"action":"authorize",
"grant_type":"password",
"username":"commerce@email.com",
"password":"123456",
"audience":"https://api.dev.alignet.io",
"client_id":"yhaPE3jtHXHMKUZBBFr9QS1x1FaXxr",
"client_secret":"uTCetT3d4T-1NgXyTO66C0850xLJ5c7CwoyXm23NALxZ-MbwQxkqs1Q9ThwWfE",
"scope":"create:token post:charges offline_access"
}
Response:
Parameter | Description |
action | Process performed, in this case is "authorize". |
success | Result of the operation: true: Processed successfully. false: Not processed successfully. |
access_token | Access Token required to consume the APIs. |
refresh_token | Token that allows you to request new Access Tokens without having to send Username and Password. |
scope | Permissions enabled for the Access Token. |
expires_in | Access Token lifetime in seconds. |
token_type | Token type, at the moment only "Bearer" is used. |
authorization.meta.status.code | Code associated with the status of the operation. Available values: 00: In case of success 01: In case of error |
authorization.meta.status.message_ilgn.locale | Configuration of the language used for the status code message. |
authorization.meta.status.message_ilgn.value | Message resulting from the process. |
{
"action":"authorize",
"success":true,
"access_token":"eyJhbGciOiJSUzI1NsInR5cCI6IkpXVCIsImtpZCI6IlVfR2ZLY.........",
"scope":"create:token post:charges offline_access",
"refresh_token":"p11tyL00fVo0EFd68qzQyBEDojWCuG8zyhQCA1B9_zL5zwZ.........",
"expires_in":86400,
"token_type":"Bearer",
"authorization":{
"meta":{
"status":{
"code":"00",
"message_ilgn":[
{
"locale":"es_PE",
"value":"Access Token creado"
}
]
}
}
}
}
Continue to API Access Token - via Refresh Token ➡️