/auth_token

Request or invalidate an Auth token

Required auth method

Newly onboarding customers and customers migrating to TPB are required to implement the OAuth2 method for authentication. Please disregard ECDSA references.

See the implementation guide for migrating from ECDSA to OAuth2.

Call this endpoint to request an auth token which can be used to authorize subsequent API requests. This token has an 8-hour expiry window.

You can also call this endpoint to invalidate auth tokens.

Refer to the JWT Overview doc for more information on JWT and the auth token object your /auth_token

Requesting an Auth Token

Requirements

HTTP Basic Authentication username and password

Since the JWT method utilizes HTTP Basic Authentication, you'll need an Authorization: Basic username:password string.

Use your client_id for the username and client_secret for the password.

You received the client_id and client_secret when you first created your app. Look for the file you downloaded after clicking "Download Keys" during app creation.

Building and encoding an HTTP Basic Authentication credentials string

You'll use this credentials string in the Authorization header of all API calls made, including /auth_token.

Building
Construct the credentials string by concatenating the client_id, a single colon (:) character, and the client_secret.

Encoding
Before adding the credentials string to the Basic auth header, encode it as UTF-8 bytes, Base64-encode those bytes, then convert the result to an ASCII string.

Here's an example of how that is done in JavaScript and Python:

JavaScript:

// CLIENT_ID and CLIENT_SECRET hold the values from your downloaded keys file
const basicAuthString = 'Basic ' + Buffer.from(CLIENT_ID + ':' + CLIENT_SECRET).toString('base64');

Python:

>>> import base64
>>> base64.b64encode(b'my_app_client_id:my_app_client_secret').decode('utf-8')
'bXlfYXBwX2NsaWVudF9pZDpteV9hcHBfY2xpZW50X3NlY3JldA=='

Request

POST /0.2/auth_token HTTP/1.1
Host: sandbox.silamoney.com
Authorization: Basic bXlfYXBwX2NsaWVudF9pZDpteV9hcHBfY2xpZW50X3NlY3JldA== 
Content-Type: application/json

{
  "header": {
    "created": 1234567890, 
    "app_handle": "your_app_handle",
    "version": "0.2", 
    "reference": "<your unique id>"
    
  }
}

***

HTTP/1.1 200 OK

{
  "success": true,
  "access_token": {
    "token": "<a 205-character string>",
    "expiration": 1611514008,
    "expiration_dt": "2021-01-24T18:46:48.788837Z"
  }
}

Request Attributes

| Key | Data Type | Description |
| --- | --- | --- |
| header | JSON object | Required. |

Required keys:

created - Unix epoch timestamp in seconds. Must not be future-dated and must not be dated more than 5 minutes in the past.
app_handle - your app handle

Optional keys:

reference: Can be any value for your own reference. If not provided, one will be assigned. Example: 07e71ee7-4878-4424-862a-3113e83ae09b
version: Cannot be null if key is present. Valid values: 0.2, v0.2, V0.2

Responses

The response will contain a JWT access token, the token's expiration time in both epoch and human-friendly format, and a success boolean.

| Key | Data Type | Description |
| --- | --- | --- |
| success | Boolean | True for a successful response. |
| access_token | JSON object | A container for access token data. |
| access_token.token | String | A 205-character string. |
| access_token.expiration | Integer | A Unix epoch timestamp in seconds. Can be up to 8 hours in the future. |
| access_token.expiration_dt | String | A human-friendly representation of the expiration value, conforms to ISO 8601 for combined date and time values. Example: 2021-01-24T19:12:08.454818Z |
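
The credential encoding, request header and response fields described above, combined into a small client helper that builds the POST without sending it and decides when a token is due for renewal. This is an added example, not Sila's own code: the https scheme, the 300-second refresh margin, the function names and the sample response body are assumptions or constructed values.

```python
import base64
import json
import time
import urllib.request
import uuid

# Host and path come from the request shown above; https and the margin are assumptions.
TOKEN_URL = "https://sandbox.silamoney.com/0.2/auth_token"
REFRESH_MARGIN = 300  # seconds before expiry at which a new token is requested

# Constructed sample body, modelled on the 200 response shown above.
SAMPLE_RESPONSE = ('{"success": true, "access_token": {"token": "<a 205-character string>", '
                   '"expiration": 1611514008, "expiration_dt": "2021-01-24T18:46:48.788837Z"}}')


def basic_auth_header(client_id, client_secret):
    """client_id:client_secret -> UTF-8 bytes -> Base64 -> ASCII string."""
    if ":" in client_id:
        raise ValueError("client_id must not contain ':'")  # first colon splits user/password
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    # Base64 is reversible: treat this header as the secret itself (TLS only, never logged).
    return "Basic " + base64.b64encode(raw).decode("ascii")


def build_token_request(client_id, client_secret, app_handle, now=None):
    """Build, without sending, the POST that requests an auth token."""
    header = {
        "created": int(time.time() if now is None else now),  # must be within the 5-minute window
        "app_handle": app_handle,
        "version": "0.2",
        "reference": str(uuid.uuid4()),
    }
    return urllib.request.Request(
        TOKEN_URL,
        data=json.dumps({"header": header}).encode("utf-8"),
        method="POST",
        headers={"Authorization": basic_auth_header(client_id, client_secret),
                 "Content-Type": "application/json"},
    )


def parse_token_response(raw_body):
    """Return (token, expiration); raise unless success is the JSON boolean true."""
    doc = json.loads(raw_body)
    if doc.get("success") is not True:
        raise RuntimeError("auth_token request did not succeed")
    return doc["access_token"]["token"], int(doc["access_token"]["expiration"])


def needs_refresh(expiration, now=None, margin=REFRESH_MARGIN):
    """True once the token is within `margin` seconds of its expiration."""
    return (time.time() if now is None else now) >= expiration - margin
```
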

Invalidating an Auth Token

If you feel that your application's current and unexpired Auth token has become compromised, you may immediately invalidate it by calling this endpoint with a DELETE method.

Request

DELETE /0.2/auth_token HTTP/1.1
Host: sandbox.silamoney.com
Authorization: Basic bXlfYXBwX2NsaWVudF9pZDpteV9hcHBfY2xpZW50X3NlY3JldA== 
Content-Type: application/json

{
  "header": {
    "created": 1234567890, 
    "auth_handle": "handle.silamoney.eth",
    "version": "0.2", 
    "reference": "<your unique id>"
    
  }
}

***

HTTP/1.1 200 OK

{
  "success": true
}

Request Attributes

| Key | Data Type | Description |
| --- | --- | --- |
| header | JSON object | Required. |

Required keys:

created - Unix epoch timestamp in seconds. Must not be future-dated and must not be dated more than 5 minutes in the past.
app_handle - your app handle
user_handle - the user_handle to go through KYC

Optional keys:

reference: Can be any value for your own reference. If not provided, one will be assigned.
version: Cannot be null if key is present. Valid values: 0.2, v0.2, V0.2

Responses

| Key | Data Type | Description |
| --- | --- | --- |
| success | Boolean | True for a successful response. |