Skip to main content

Authentication

Overview

To ensure the security and privacy of our user's data, only authenticated users are permitted to make requests to our API. In order to authenticate your application and access our API, we employ the OAuth 2.0 protocol with bearer tokens.

OAuth 2.0

OAuth 2.0 is a widely adopted protocol for secure authentication and authorization. It provides a robust framework for allowing third-party applications to access protected resources on behalf of a user. In the case of our API, this means your application can securely interact with our services while protecting sensitive user data.

General Steps

  1. Register Your Application: Before using the Gini RTP API in your application, you need a valid client ID and a client secret. If you don't have the client ID and the client secret's already, please get in touch with your sales representative.
danger

Your client's secret must be kept confidential. Do not share the client's secret with anyone (e.g. keeping it in a public repository) and never use it from a clients side (e.g. mobile/web application)

  1. Bearer Token Request: Once registered, your application will request an access token from the Gini Authorization Server. This access token serves as your application's proof of authentication and authorization to access our API on behalf of the user.
Request
curl -v -X POST -H 'X-User-Identifier: user1'
    -H 'Accept: application/vnd.gini.v1+json'
    -u 'client-id:secret' 'https://pay-api.gini.net/login'
Response
{
  "access_token": "6c470ffa-abf1-41aa-b866-cd3be0ee84f4",
  "token_type": "bearer",
  "expires_in": 3599
}
  1. API Access: With a valid bearer token, your application can now make authorized requests to the Gini RTP API. Include the access token in the request headers using the Bearer Token authentication method, and you'll be ready to start interacting with our services.
Access to protected resource
curl -v -X GET
     -H 'Accept: application/vnd.gini.v1+json'
     -H 'Authorization: Bearer b6c470ffa-abf1-41aa-b866-cd3be0ee84f'
     'https://rtp-api.gini.net/paymentProviders'

For more information, please go to the Authentication API sample.