Generating access tokens

Both app_id and app_key values can be revealed from the Settings > API Access menu in the Hub.

You will have different app_id and app_key values for both test and production environments. When building and testing your integration, ensure that you use the test values. You can then switch to the live values when you are ready to start processing real payments.

It is important to note that access tokens are valid for 1 hour, after that time a new token will need to be generated. Alternatively, you could chose to generate a new access_token every time that you authenticate with the API.

In the example below we are entering the app_id and app_key values in a POST method.

  "app_id": "app_id",
  "app_key": "app_key"


  "token_type": "Bearer",  
  "expires_in": 3600,  
  "access_token": "eyJ0eXAiOiJKV1QiLC....."  

If you entered an invalid app_id or app_key you would receive an 'unauthorized' response.

See the example below:

  "status": "error",
  "error_type": "unauthorized",
  "title": "Authentication with the API failed, please check your details and try again.",
  "instance": "/v1/customers"

For more information on how to authenticate with our API follow the authentication guide.