Authentication

Overview

Our gateway uses OAuth 2.0 for authentication and authorization. This guide will help you understand how to authenticate using the client_credentials grant type and access the system using the obtained token.

Create an Open Client

Before you can authenticate, you need to create Open Client with our system. Upon creation, you will receive a client_id and client_secret which will be used to obtain an access token. How to create open client.

Obtaining an Access Token

To authenticate your application, you need to obtain an access token by making a request to our OAuth 2.0 token endpoint. This request must include your client_id, client_secret, and the grant_type. How to obtain an access token.

Example Request

Here is an example of how to format your request to obtain an access token:

curl -X POST \
  https://api.unipayment.io/connect/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'grant_type=client_credentials&client_id=your-client-id&client_secret=your-client-secret'

Example Response

A successful request will return a JSON response containing the access token:

{
    "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkYxQ0U5MDVGNjUzMTU3MEM1QTFBOEE2NzJFNDNBMkI5RDA4RkU0RjciLCJ0eXAiOiJhdCtqd3QiLCJ4NXQiOiI4YzZRWDJVeFZ3eGFHb3BuTGtPaXVkQ1A1UGMifQ.eyJuYmYiOjE3MTg5NjI4ODMsImV4cCI6MTcxODk2NjQ4MywiaXNzIjoiaHR0cHM6Ly9kZXYtZjVidjBlLWFwaS4zdHJ1bmtzLmNvbS8iLCJhdWQiOiJjb21tb24tYXBpIiwiY2xpZW50X2lkIjoiYTkxYjVkNDktZGRhZC00ZWZjLThlNzMtN2Q0MmQ4ZWI4YzA4IiwiY2xpZW50X2F1dGhfdHlwZSI6Im9wZW4iLCJqdGkiOiJFN0JGRDU2RUEzRjY2ODhGN0FCMEI5ODczNTMyRTJGRCIsImlhdCI6MTcxODk2Mjg4Mywic2NvcGUiOlsiY29tbW9uIl19.jxcblj0iF9owDxG7eCNexnyPdME9JPE8Rp0gJI5OaIHIFM0gqYzctXswQGZYmuM3dlhxobGRGyGzZyWo9kNokm1kgUUP2RzhW9WPmE-jOvxUutYp9b8EQI9wKd-cwpmPuQ2P0KoFghl7qilbEASj5m_y1xGZhQHqoMDFWaw3uR6p5FG85yZBTMIwlwDZZkoNgK1NkO6Mlp9Dv1YqajAojDWB2t1KEcxi48iWEfD2sF3w5lhSlVGE0dSfEUqGWxr0RuiSF_rc_kfB8TQ67uwSAiMetsNUrUcAG-rTV6SCiIdRIP-bJMRItd0so9gl6raQr8WOs97iefhef-_326-2lw",
    "expires_in": 3600,
    "token_type": "Bearer",
    "scope": "common"
}

Using the Access Token

Once you have obtained an access token, you can use it to authenticate requests to other endpoints in the system. The token should be included in the Authorization header of your HTTP requests.

Example Request

Here is an example of how to use the access token to access a protected endpoint:

curl -X GET \
  https://api.unipayment.io/v1.0/ping \
  -H 'Authorization: Bearer your-access-token'