Skip to main content

Authentication

Authentication should be done with API clients, use the client_id/client_secret from the Checkout API client to get an access token (see Get token endpoint). Read more about how to set the basic auth Authorization header at wikipedia.

Request

In this example, the account id is T12345678 (T for test), replace with your own account id.

POST https://checkout.dintero.com/v1/accounts/T12345678/auth/token
Authorization: Basic base64(client_id:client_secret)
Content-Type: application/json

{
"grant_type": "client_credentials",
"audience": "https://api.dintero.com/v1/accounts/T12345678"
}

Account Ids

Your Dintero account ID consists of a prefixed character denoting the environment its for, followed by the a set of numbers. i.e. P12345678.

The different environments are: P = Production T = Test

Environments

The test environment is a sandbox environment where you can test your integration without any real money being involved. The production environment is the live environment where you can accept real payments and should be used when you are ready to go live.

We recommend that you use the test environment first when you are developing your integration and testing it. When you are ready to go live, you can switch to the production environment by changing the prefix of your account ID from T to P.

Make sure create a new API client for the production environment and use the production client ID and secret when you send requests to the production environment. For more information on how to do this, see How to configure a Checkout API Client.

Response

{
"access_token": "eyJhbGci...t7P4",
"token_type": "Bearer",
"expires_in": 86400
}

Using the access token

Use access_token as Bearer Authorization when accessing the API, by setting the following header:

Authorization: Bearer {access_token}