# Authorization Token Request
# Specification
- The following table is a specification of this API:
| Name | Description |
|---|---|
| API Name | B2B Access Token Request (Get JWT Token) |
| Function | This API is used to retrieves authorization token based on client_id and client_secret. The resulting token can be used in the HTTP header Authorization |
| Service Code | 73 |
| Method | POST |
| URL | /v2.1/access-token/b2b |
| Accept | application/json |
| Content Type | application/json |
| Related Service | |
| Expected Timeout | 8 second |
# Request
- The following part will be describe about parameter of request in this API:
# Request Parameter
- The following table is a list of request parameter in this API:
# Header
- The following table is a header of request parameter:
| No | Name | Type | Length | Required | Condition | Remarks |
|---|---|---|---|---|---|---|
| 1 | Content-Type | String | Variable, 127 max | Mandatory | - | Content type, value always application/json |
| 2 | X-TIMESTAMP | String | Fixed, 25 max | Mandatory | - | Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time) |
| 3 | X-CLIENT-KEY | String | Variable, 36 max | Mandatory | - | A unique identifier that can be generated by PayCools, or known as appId |
| 4 | X-SIGNATURE | String | Variable | Mandatory | - | For the signature, please refer to: Digital Signature Validation |
# Body
- The following table is a body of request parameter:
| No | Name | Type | Length | Required | Condition | Remarks |
|---|---|---|---|---|---|---|
| 1 | grantType | String | Fixed, 18 max | Mandatory | - | Always have value of client_credentials |
# REQUEST SAMPLE
POST /v2.0/access-token/b2b
X-CLIENT-KEY: 3a34d6a9debb4246931f3941c471dd3b
X-Timestamp: 2023-09-25T17:57:35+07:00
X-SIGNATURE: Dupbr1ILxsfBrXFmeDdIjwCmgv6AF+JQeIpD1Gq8HDjow7avCXdZAPOEbxVe7/x0atxy86aUfC11zXA1gvXXwxrTXFr6V0x8GZCyTndqnDyRlBeEZLL3BLmDRkrSsomd/mv1eG/th4TQndSPrBBfbN3bj0yIB99y2BnU5fBy7B0ZhYiQVs3uREspIsBB99F/4Zv8GbPWvik2usdOUo0gfPAQoZ3MJAcBQ/0vMRT5KdLm903C2HNyl1Cpb6OFRgaU2LAWybEQIC2QJ9mFb08NPR0PEu75WpVHNrFYn8gfiI8nRso0vBJhtMZrRINDQf9scV53cFdjpWobQHvnFDHCqQ==
Content-Type: application/json
{
"grantType":"client_credentials"
}
# Response
- The following part will be describe about parameter of response in this API:
# Response Parameter
- The following table is a list of response parameter in this API:
# Header
- The following table is a header of response parameter:
| No | Name | Type | Length | Required | Condition | Remarks |
|---|---|---|---|---|---|---|
| 1 | Content-Type | String | Variable, 127 max | Mandatory | - | Content type, value always application/json |
| 2 | X-TIMESTAMP | String | Fixed, 25 max | Mandatory | - | Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time) |
# Body
- The following table is a body of response parameter:
| No | Name | Type | Length | Required | Condition | Remarks |
|---|---|---|---|---|---|---|
| 1 | responseCode | String | Fixed, 7 max | Mandatory | - | Refer to response code list |
| 2 | responseMessage | String | Variable, 150 max | Mandatory | - | Refer to response code list |
| 3 | accessToken | String | Variable, 2048 max | Mandatory | - | This token is used as a parameter on header in other API “Authorization” |
| 4 | tokenType | String | Fixed, 6 max | Mandatory | Type of authorization token. Always have value of Bearer | |
| 5 | expiresIn | String | Variable, 8 max | Mandatory | The expiry duration of the authorization token. Default value is 900, indicating 900 seconds |
# Response
Content-type: application/json
X-TIMESTAMP: 2023-10-07T11:40:18+07:00
{
"responseCode": "2007300",
"responseMessage": "Successful",
"tokenType": "Bearer",
"expiresIn": "900",
"accessToken": "eyJhbGciOiJIUzI1NiJ9.eyJhcHBJZCI6ImNiY2U0OTBlODJmODQxZjJiMzE2MmE4ZGQyN2U5ZmQxIiwiY2FjaGVLZXkiOiJUT0tFTl9BUElfY2JjZTQ5MGU4MmY4NDFmMmIzMTYyYThkZDI3ZTlmZDFfMjEwMDJiMGYtMDJkNS00ZDI2LTg4MmEtMGRmNWI5MzVlNWVhIiwiY3JlYXRlVGltZSI6MTY5NjY1MDAyMTg3OX0.mkiFEVNvWTJDVLTvY9oE2u4w76wnlra1mwzC79SG-Zo"
}
# Response Code and Message
- The following table is the list response code and message of Balance Inquiry API:
| No | Response Code | Response Message | Remarks | Partner Action | Related Service |
|---|---|---|---|---|---|
| 1 | 2007300 | Successful | Success to be processed | Proceed to invoke the next API. The value of “ accessToken” is inserted into HTTP-Header “ Authorization” | Authorization Token Request - SNAP |
| 2 | 4007300 | Bad Request | General request failed error | Action is aborted. Show appropriate error message to users and contact the other party to check the issue | Authorization Token Request - SNAP |
| 3 | 4007301 | Invalid Field Format | Invalid format for certain field | Action is aborted. Show appropriate error message to users and contact the other party to check the issue | Authorization Token Request - SNAP |
| 4 | 4007302 | Invalid Mandatory Field | Missing or invalid format on mandatory field | Action is aborted. Show appropriate error message to users and contact the other party to check the issue | Authorization Token Request - SNAP |
| 5 | 4017300 | Unauthorized. [reason] | General unauthorized error | Action is aborted. Show appropriate error message to users and contact the other party to check the issue | Authorization Token Request - SNAP |
| 6 | 4097300 | Conflict | Cannot use same X-EXTERNAL-ID in same day | Action is aborted. Show appropriate error message to users and contact the other party to check the issue | Authorization Token Request - SNAP |
| 7 | 4297300 | Too Many Requests | Maximum transaction limit exceeded | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users | Authorization Token Request - SNAP |
| 8 | 5007300 | General Error | General error non retry-able | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users | Authorization Token Request - SNAP |
| 9 | 5007301 | Internal Server Error | Unknown internal server failure, please retry the process again | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users | Authorization Token Request - SNAP |
| 10 | Total Timeout | Total timeout, the client side does not get any responses from the server side (can be due to network issue, server slowing down, and so on) | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users | Authorization Token Request - SNAP | |
| 11 | Unexpected response (empty field/field does not exist/undefined response code) | The server does not produce expected responses (can be due to hardware failure, bugs, and so on) | Do a retry maximum 3 attempts, if the result is still the same then action is aborted. Show appropriate error message to users | Authorization Token Request - SNAP |