Authentication

Overview

The user identification and application authorization sequence begins when your application redirects a browser to the Login Page. This Page handles the user authentication based on the configuration applied for the application. The result is an authorization code, which the application can use for user token. Access Authentication API is used to generate API key for particular user. By using this API key you can consumes other APIs (Create app , Purchase etc.) API key generated will be valid for next 20 min. In production user will redirect to authentication UI and authorising self the user will redirect to the next UI. The behaviour of the API will varies in sandbox as compared to actual production environment.

Changes from the previous version

This is the changelog of Access authorization API. The topmost item is the latest version and the changes described in it are relative to the previous version which is listed directly below. The current version of the API documentation is 2.0

Sample flow

On the picture below you can see the sample authentication flow.

Swagger Definition

The Access Authorization API specification is also available in the swagger format. Swagger is the world’s largest framework of API developer tools for the OpenAPI Specification(OAS), more information about it can be found here.

Request URL Parameter: No request body Parameter in this API.

Request Header Parameter

Examples

Sample Success Response

{
    "message": null,
    "messageDescription": null,
    "tokenDetail": {
        "apiKey": "c9483211-e8ed-490b-8238-bf2fc5823ca2"
    }

Sample Error Responses

HTTP/1.1 400  {
    "httpCode": "401",
    "httpMessage": "Unauthorized",
    "moreInformation": "Invalid client id or secret."
}

Sample Response: for Error
HTTP/1.1 400  {
    "errorId": "CFAP-400",
    "category": "APPLICATION",
    "message": "Bad Request - WRONG Country Id",
    "timestamp": "2021-02-23T06:45:44.083+0000"
}