What Is an Access Token?
The Access Token is needed in every request sent to the system in order to validate the sending user.
Request Structure
Method: POST
Endpoint: https://sandbox.interswitchng.com/passport/oauth/token
Request Body/Payload: “grant_type”:”client_credentials”
Request Headers (as Key:Value pairs):
- Content-Type : application/x-www-form-urlencoded
- Authorization : Basic SUtJQTgzQkREMEI2NTlFMzUzQTI4OUQ1QUQ1QUQ5NzkzNjYwOERENzUwNzI6OHEwUzVWd2tRMHZwV01BNFJqRXZuc0Z0NWsyK0V0elExZkRiM1dPRS80OD0=
where Authorization is Base64(clientID:SecretKey). For example in the above request
Base64(IKIA9614B82064D632E9B6418DF358A6A4AEA84D7218:XCTiBtLy1G9chAnyg0z3BcaFK4cVpwDg/GTw2EmjTZ8=) —– SUtJQTk2MTRCODIwNjRENjMyRTlCNjQxOERGMzU4QTZBNEFFQTg0RDcyMTg6WENUaUJ0THkxRzljaEFueWcwejNCY2FGSzRjVnB3RGcvR1R3MkVtalRaOD0=
Find sample response below
|
1 2 3 4 5 6 7 8 9 |
{ "access_token": "eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsiY2FyZCIsInF1aWNrdGVsbGVyIl0sInNjb3BlIjpbInByb2ZpbGUiXSwiZXhwIjoxNTE5MTM5MDIzLCJjbGllbnRfbG9nbyI6bnVsbCwianRpIjoiNzgyZjc5Y2YtYTBhZC00MWI1LThlMWMtZTkzNDMwMjU5OGNlIiwiY2xpZW50X2Rlc2NyaXB0aW9uIjpudWxsLCJjbGllbnRfaWQiOiJJS0lBODNCREQwQjY1OUUzNTNBMjg5RDVBRDVBRDk3OTM2NjA4REQ3NTA3MiJ9.hABsYsNtoMfC4fdnGKpK9jHaDISUoHXTaz7khNgUmSpc-QRTrK2gKQ3gDAb3qpPigblg6YVjss6JgJSuAGMeXGCOQFBdq5Z658wheUKbYsUq2XZJnXRDjvixhERKyfSsMIXP40EpJyUeXfvvd3pCwORGZbb5B9Yz4wOGF8-cOetYzI59aopuhAqo2CwWS60DchEm1n_BGcBcz5OGLACtrz7hrMft5shP4DLLXoJVqxcxXe9OB00pyjmlbCdJLaQHGEzicda-nK5KiO9DuNGT5sxBf5FgLyDzo5MEnP5tT1PugPB4t1h_EJ-o5yYJ1QIPd2kVsPqamWZbfXK8YwjReA", "token_type": "bearer", "expires_in": 3599, "scope": "profile", "client_logo": null, "client_description": null, "jti": "782f79cf-a0ad-41b5-8e1c-e934302598ce" } |
The expires_in field represents how long before the token expires (in seconds).