Authentication
The finvix APIs support OAuth 2.0.
Reference
| Key | Value |
|---|---|
url |
https://dev-account.finvix.com/connect/token |
scope |
Space-delimited list of the scopes for which you want to generate a token. |
grant_type |
Type of token request. Currently only client_credentials is available. |
Scopes
The following scopes are available for use with the finvix APIs.
| Scope | Grant type | Description |
|---|---|---|
manage |
client_credentials |
Indicates that a token has permission to create clients and transactions. |
Generating a client credentials token
To generate a client credentials token, obtain your client_id and client_secret by requesting them from finvix support and see the example below. Note that this endpoint expects requests to be encoded as application/x-www-form-urlencoded.
Example request
curl -F "client_secret=$CLIENT_SECRET" -F "client_id=$CLIENT_ID" -F "grant_type=client_credentials" -F "scope=manage" https://dev-account.finvix.com/connect/token
Example response
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expires_in": 3600,
"token_type": "Bearer",
"scope": "manage"
}
Usage
The access_token field corresponds to the token used to authenticate with the finvix APIs. Once you have obtained this token, you can provide it in the "Authorization" header of the requests you make to the endpoints.
The expires_in field indicates the lifetime of the access token, provided in seconds. Tokens should be cached and reused for all requests until (or shortly before) expiration, and not regenerated per request.
curl -H 'Authorization: Bearer ' https://api-finvix-dev.azure-api.net/customers/api/v1