Introduction
Mangopay provides a regularly updated Postman collection for you to test the Mangopay API in the Sandbox environment.Mangopay API Postman collection
Prerequisites
- A
ClientId
and an API key – if you don’t have these, contact Sales to get access to the Mangopay Dashboard - A Postman account (you can install the preferred version for your system at https://www.getpostman.com/)
Run with Postman
Best practice – Watch the collection for updatesWatch the collection by clicking the eye icon on the parent folder to receive an email when new additions and changes are merged.You can then pull the changes to bring your fork up to date.
Set up your environment
Once the collection is forked, make sure you’ve selected the relevant environment and set up the key variables if they are not already defined:ENV_URL
– Should be https://api.sandbox.mangopay.comAPI_KEY
– Your Sandbox API key, available in the Mangopay Dashboard.CLIENT_ID
– Your Client ID, available in the Mangopay Dashboard.
CURRENCY
– Enter the default currency for your tests. Keep in mind that some payment methods don’t support all currencies, so you might need to update them manually at times.CULTURE
– Enter the default culture value. TheCulture
parameter is mostly used in web payment methods, but keep in mind that payment methods don’t necessarily support the same values. We recommend you useEN
for a better experience.
Note - Other variables populated automaticallyWhere relevant, calls in the collection contain post-request scripts (in the Scripts tab of the request) that populate other variables based on the response from the API.For example, the Create a Natural User call populates a
USER_NATURAL_PAYER
variable with the returned Id
; Create a Wallet populates a WALLET_ID
, and so on. Likewise, during the card registration process, the tests populate the tokenization data automatically, meaning you should be able to submit the calls one after another without having to copy and paste values manually.Authenticate Postman calls
The Mangopay API uses OAuth 2.0 to authenticate calls, which is supported by Postman. In Postman, authentication for the collection is managed in the Authorization tab of the parent folder. Child folders and individual calls inherit this authentication. In the Authorization tab, ensure:- The Access Token URL field contains the
ENV_URL
variable followed by/v2.01/oauth/token
to call the OAuth token endpoint. - The Client ID field contains the
CLIENT_ID
variable. - The Client Secret field contains the
API_KEY
variable. - All the variables are showing blue, indicating that they are defined, and not red.
How to generate the first token
Note – Postman auto-refreshes tokensPostman can automatically refresh the OAuth token, but the first token needs to be generated manually.You also need to generate a new token manually if you change from one collection to another, or from one set of API credentials (Client ID and API key) to another.
- On the Authorization tab of the collection, scroll down to the bottom and click on Get new access token.
- Postman calls the OAuth token endpoint to get a token. Once done, click Proceed (Postman proceeds automatically after 5 seconds).
- In the Manage access tokens dialog, you can see the details of the generated token. On the left, you can see all other tokens with the option to delete expired tokens. Click Use token to add the token to the Authorization tab and use it to authenticate calls.