Authorization on Interswitch API can either be done through the OAuth Bearer realm or custom
“InterswitchAuth” realm. The section below defines how to use each. Except otherwise stated, the InterswichAuth will be used. In cases where the Bearer realm is required, it will be stated in the API documentation page.
InterswitchAuth Realm
The InterswitchAuth authorization realm is a custom realm that allows you to be authenticated with just your ClientID. In this realm, developer is expected to encode client ID in base 64 in the Authorization header. See sample below.
| InterswitchAuth SUtJQUYzRDNGMkQyMEY1MTM2REVGNUExMjUwMzZDN0U0QjgzMzgwQjBGMjA |
Bearer Realm
The bearer realm is a reuse of OAuth 2.0 authorization framework where developers are expected to send an access token for authorization. Access token are given/issued to developers either by logging in to the developer console and generating one for themselves or by requesting for access token through an API call. See here for how to generate AccessToken.
| Bearer eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsicGFzc3BvcnQiXSwic2NvcGUiOlsicHJvZmlsZSJdLCJqdGkiOiI3ZGViNjllNS02ZjQzLTQ5OTUtOTdhNC02NTVjOGFmNWNkMjciLCJjbGllbnRfaWQiOiJBM0MyNkE2RTVDQTc0QjNBQTU4MUNERDdEMUU0NzRFRCJ9.cN0nnOiYu5KqCrhvUvRaUjlOcEN4W2O7sfSJVfOBrm2mMa1a0ulLD14iwdsyZ8vCBDUz8TO8BHRuQwS1cp9WDGz55kmhPsS9tuo35pqSlpj-MBuACnzzzBzl92Q5KDxyXaC5q0f1-utSJrYJOqHqvMZh0duq-6vnfNkZWjF95t83wJWXayy-mUBp7IH1m5mbQdYYNj_09oVS-cL03Drh7NWhBAV1LTNZnJq6Hp3G83aUzJNI-fmddmNeuYyaQRitcfMT3CzJ-8AG1XGe8Njne00fBaT01pDPM5gr2ZxANBd35jlqKrhmV2qM8Bo5S09JrTmeYAq_s4ty7DAETRoD4Q |