post https://sandbox-api.key2pay.io/v1/auth/token
Your access token authorizes you to use the REST API server. To call a REST API in your integration, exchange your ApiKey (username) and SecretKey (password) for an access token.
In exchange for these credentials the server returns your access token in the accessToken field.
Include the generated bearer token in the Authorization header with the bearer authentication scheme in REST API calls to prove your identity and access protected resources.
Access tokens have a finite lifetime. The expiresIn field contains the number of seconds after which the token expires. For example, an access token with an expiry value of 3600 expires one hour after its creation.
To detect when an access token expires, write code to either:
- Keep track of the
expiresInvalue in the token response. - Handle the HTTP 401 Unauthorized status code. The API endpoint issues this status code when it detects an expired token.
- Re-use the access token until it expires. Then, get a new token.