ClientId
and an API key – you can create these in the Mangopay Dashboard (or else contact Sales to get started).
ClientId
and API key into a string separated by a colonClientId :ApiKey |
RXhhbXBsZUNsaWVudElkOlBFQkIwVkRoRkVOZkVoWFRVeW9yVFlqNmhDVm1xTDBIUmJ3WTRnNU4xN3J1aVBqbVFu |
x-www-form-urlencoded
Content-Type.
Endpoint | POST /v2.01/oauth/token |
---|---|
Authorization | Basic RXhhbXBsZUNsaWVudElkOlBFQkIwVkRoRkVOZkVoWFRVeW9yVFlqNmhDVm1xTDBIUmJ3WTRnNU4xN3J1aVBqbVFu |
Content-Type | application/x-www-form-urlencoded |
Request body | grant_type=client_credentials |
Property | Description |
---|---|
access_token | The access token to use to authenticate. |
token_type | The type of token: Bearer. |
expires_in | The number of seconds until the access_token expires and a new token needs to be generated.Default values: 3600 (in Production), 1200 (in Sandbox)Note: The value may differ from the default values, therefore you should not rely on hard-coded defaults but on the expires_in value returned. |
access_token
, you can use it to authenticate all other API calls for the expires_in
duration.
To do so, add it to the Authorization header of your requests, preceded by “Bearer” and a space:
Authorization | Bearer 094696b3724d4aa5a182eac360dcd537 |
---|
expires_in
and do not hard-code the default value. We recommend triggering a new OAuth token call 30 seconds before the expires_in
value.expires_in
seconds value elapses), then it is no longer valid and calls made with it will return the following HTTP 401 error: