Authorization API
Authentication

On this page you will find information about how to authenticate with the Authorization API, construct the authentication header and how to send credit request.

API Authentication

Base URLs

Avarda base URLs for Authorization API:

Stage/test environment: https://stage.authorization-api.avarda.com/ (opens in a new tab)

Production environment: https://authorization-api.avarda.com/ (opens in a new tab)

Obtain Partner access token

To authorize access to the API we use a standard Open ID Connect Client protocol – Client Credentials grant. The token endpoint is available on /oauth2/token.

The flow is described in details e.g. in https://tools.ietf.org/html/rfc6749#section-4.4 (opens in a new tab).

This is a quick summary of the flow.

  1. Get the access token using your client credentials
POST /oauth2/token HTTP/1.1
Host: stage.authorization-api.avarda.com
Content-Type: application/x-www-form-urlencoded
 
client_id=<your-client-id>&client_secret=<your-client-secret>&grant_type=client_credentials

You will get an access token with additional information like a token expiry in the response:

{
  "token_type": "Bearer",
  "expires_in": "3599",
  "ext_expires_in": "3599",
  "expires_on": "1614267550",
  "not_before": "1614263650",
  "resource": "00000002-0000-0000-c000-000000000000",
  "access_token": "ey……………"
}

2. Use the access token in the Authorization header in subsequent API calls, e.g.

GET /authorization/57dae8d9-e192-40f2-8355-690f5b744cba HTTP/1.1
Host: stage.authorization-api.avarda.com
Authorization: Bearer ey.........

3. Beware of the token expiry. After the token expires use the /oauth2/token endpoint again to get a new token

Alternatively use some 3rd party Open ID Connect client library which will handle the workflow with tokens for you. This is actually recommended and typical approach. There are many open source Open ID Connect libraries available for most of the languages and platforms.