Guides
Start typing to search…

Authentication

Our API uses Bearer JWT Token for authentication. This method ensures secure access to our endpoints by requiring a valid token in the request headers. The token must be included in the Authorization header as follows: Authorization: Bearer {token}.

Bearer JWT Token Authentication

Bearer JWT Token authentication is required for all endpoints, including transfer-related endpoints such as getting banks, name enquiry, and initiating outward transfers. To obtain the JWT token, you must first call the authentication endpoint with your API key and client ID. This will return an access token that can then be used to authenticate your requests.

Obtaining the Access Token

To get the access token, make a POST request to the /auth endpoint with the following headers:

{{base_url}}/uaa/api/auth
curl --location '{{base_url}}/uaa/api/auth' \
--header 'Content-Type: application/json' \
--header 'x-api-key: YOUR_API_KEY' \
--header 'x-client-id: YOUR_CLIENT_ID'

Sample Response:

{
    "accessToken": "ey829893hieJ9.939889893899.dDnekAba-cwwmxzwYbhI_5EZ28k7ZWH8dwB7mghEbVYfsIAJj3ybpjh3YqpyU2Pf2ao5nk4jo9UOuo0N7Lo2jCxEymFy06_Y",
    "refreshToken": "dw989892.djn983hjn.AxZZZ7pU5WIkAq0iQRkTh9juiDU3--zTw9dEq50cHzhKu7k-CzUcJ3fwj8moRlA8UsA3TwP9oNznKf5mJ_O4bZAXUEPAuKzPmFz7wkigeaBqwXWusM5B89iDVcu5dW35BLq9w3hyn0S",
    "user": {
        "id": "98239-2309-239-829389-33499843",
        "mobile": "+23400000000",
        "firstName": "John",
        "lastName": "Doe",
        "role": "BUSINESS",
        "roles": [
            "BUSINESS"
        ],
        "kycLevel": "TIER_THREE",
        "selfie": "https://upload_url/",
        "accountPublicId": "823898-409-836-85e8-089283"
    },
    "properties": [
        {
            "name": "EMAIL_VALIDATED_DATE",
            "value": "2024-05-12T20:41:47.746765043"
        }
    ]
}

Once you have obtained the access token, include it in the Authorization header of your requests to the transfer-related endpoints.

Sample Usage:

curl --location '{{base_url}}/paas/bank/transfer/v1/banks' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer YOUR_ACCESS_TOKEN'
❗️

Note!!

Ensure to handle token expiration by refreshing the token as needed to maintain uninterrupted access to transfer-related services.

Updated 2 months ago