Created with Sketch.
Created with Sketch.
Mypages Partner API

Authorization

On this page you will find information about how to authenticate with the Authorization API, construct the authentication header and how to send credit request.

API Authentication

Base URLs

Avarda base URLs for Authorization API:

Stage/test environment https://avdonl-s-mypages-partner-api.westeurope.cloudapp.azure.com/

Production environment: https://avdonl-p-mypages-partner-api.westeurope.cloudapp.azure.com/

Obtain Partner access token

“Partner access token” is used as authentication for all further communication with the Credit AuthoriationAPI. Token is sent in http header as Bearer Token. This token should never be displayed to the user or sent to the frontend of the application.

To obtain the token send POST request with header setting Grant Type = Client Credentials and with clientId and clientSecret as a JSON to /api/oauth2/token

# Obtain Partner access token
GET {api_url}/api/oauth2/token
Content-type: application/json

{
  "clientId": "659e57c9-d970-4db8-b003-8ba04cc157f9",
  "clientSecret": "4~{x*6%gvBt(:aD"
}

Payload:

PropertyData type
clientIdstring
clientSecretstring

Example

<?php
$api_url = "https://avdonl-s-checkout.avarda.org";
// Use your CLIENT_ID and CLIENT_SECRET
$client_id = "659e57c9-d970-4db8-b003-8ba04cc157f9";
$client_secret = "4~{x*6%gvBt(:aD";
$grant_type = "client_credentials";

// Send POST request and save "Partner access token"
$request_url = "$api_url/api/oauth2/token";
$request_payload = array('client_id' => $client_id, 'client_secret' => $client_secret, 'grant_type' => $grant_type);

$options = array(
    'http' => array(
        'header'  => "Content-type: application/json\r\n",
        'method'  => 'POST',
        'content' => json_encode($request_payload)
    )
);

$context = stream_context_create($options);
$result = file_get_contents($request_url, false, $context);
if ($result === false) { /* Handle error */
} else {
    $json_data = json_decode($result);
    $partner_access_token = $json_data->accesstoken;
    echo (string) $partner_access_token;
};

Return Value

{
    "accesstoken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6InBpVmxsb1FEU01LeGgxbTJ5Z3FHU1ZkZ0ZwQSIsImtpZCI6InBpVmxsb1FEU01LeGgxbTJ5Z3FHU1ZkZ0ZwQSJ9.eyJhdWQiOiIwMDAwMDAwMi0w...",
    "tokenExpirationUtc": "2020-01-01T09:24:42.2011052Z"
}

Use the token as Bearer Token for all following requests to the api. Token expires after 1 hour and then needs to be regenerated.