Authentication
All API endpoints listed in this documentation require Authorization header with Bearer authentication scheme.
To obtain Access token execute OAuth2 client credentials flow as per RFC6749
Duration of the access token is available as a part of the response
URL path - /checkout/oauth2/token
Request Headers
| Header Name | Header Value |
|---|---|
| Content-Type | application/x-www-form-urlencoded |
| Authorization | Basic base64(Username:Password) |
Username and password will be provided by Account Manager.
Form Parameters
| Parameter Key | Parameter Data Type | Required | Notes |
|---|---|---|---|
| grant_type | string | Y | Parameter value must be set to client_credentials |
| scope | string | Y | The scope of the access request as described by the RFC |
Partner specific scopes will be provided by Account Manager.
Examples
Request
POST /checkout/oauth2/token HTTP/1.1
Host: sample.pyng.com.au
Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&scope=pyng_defined_scope
Response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
{
"access_token":"acccess_token_example",
"token_type":"Bearer",
"expires_in":3600,
"scope": "pyng_granted_scope_1 pyng_granted_scope_2"
}