Authentication
What is needed to use the Installment Loan API
An HTTP Basic Authentication is needed to use an Installment Loan API. To do so, you need to know the credentials for accessing the system which is unique for each Merchant.
The credentials consist of two parameters: client_id and secret_key, which are used as a username and a password for the Merchant Authentication. The company receives those credentials once it has been registered in the Bank system as a Merchant and has filled in all necessary data. (see: How to find out the Merchant’s system credentials)
Example:
client_id: 1006
secret_key: 581ba5eeadd657c8ccddc74c839bd3ad
Header:
Authorization: Basic MTY2Njo1ODFiYTVlZWFkZDY1N2M4Y2NkZGM3NGM4MzliZDNhZA==
Method Description
Via the given method a Merchant passes the authentication. On calling this method, the Online Installment Loan Server returns a ‘Bearer Token’ which is used as a mandatory parameter for the authentication when calling all further methods.
Header
Content-Typerequiredapplication/x-www-form-urlencoded
AuthorizationrequiredBasic <base64>
Basic
+ <client_id>:<secret_key>
coded in a Base64 format (i.e: „Basic ODI4Mjo3Njk3MDY0OTlmMDcwOWUyMzQ4NDU4NjNmOThiMjMxNA==“). where <client_id> and <secret_key> are a Merchant’s system access credentials provided by the Bank
Body
grant_typerequiredclient_credentials
A client_credentials
text should be always passed in this parameter
- REQUEST
POST /v1/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Authorization: Basic <base64>
grant_type=client_credentials
Response
access_tokenstring
A token returned by the Authorization Server
token_typestring
A token type (The text „bearer“ is always returned)
app_idstring
not used
expires_innumber
A number of seconds for which the Token is active
- RESPONSE
{
"access_token": "<JWT>",
"token_type": "Bearer",
"app_id": "1A2019",
"expires_in": 1634719923245
}