Authenticating With OpenAuth 2.0

The Checkissuing API now uses OpenAuth 2.0 for authentication. We will primarily be focusing on using the client_credentials grant type for most use cases.

If you are not familiar with OpenAuth or how it works, there is a great article explaining the base concepts.

To summarize: the basic principle behind it is you create a set of credentials (often referred to as a Client or an App) which provide you with a client_id and client_secret.

Your client_id and client_secret are used to make a request to an Authorization Server which returns an encoded token that is used to authenticate your future requests.

You will need to create a separate set of credentials for both the sandbox and production environments by logging into the environment in question and following the steps below.

With the Checkissuing API, we refer to these credentials as simply API Credentials and you are able to generate/manage sets of them by logging into your client panel, and under the user menu at the top right, clicking the 'API Access' link found there, which will take you to your accounts API Credentials management page.

The first time you visit this page, you will not have any credentials and will need to create a set. Simply click the  Add New Credentials button toward the top right of the page.

The Add New Credentials dialog will appear. Enter a name for this set of credentials and your API ID will be automatically generated. Click the Create Credentials button at the bottom right of the dialog and you will see a message confirming that your credentials have been created and they will appear in the list of available credentials displayed on the page.

Once created, you can click on the lock icon in the actions table to view your API ID and API Secret. These are what you will pass for client_id and client_secret when requesting your access token(s).

Using them as the username and password make a HTTP POST request using HTTP Basic Auth to the below end point with post data of grant_type=client_credentials and you will receive your access token, it will look like the sample below.

Sample Access Token
{"token_type": "Bearer", "expires_in": 3600, "access_token": "0aba4911442f22c04b1f4f4e7cc50edb9856f213"}

Pass your access token along with the HTTP headers as the Authorization header and the value of the header like below

Bearer 0aba4911442f22c04b1f4f4e7cc50edb9856f213
Authentication Errors

If you have an issue with authenticating, you will receive a response like the following from the API

{"status":0,"errors":["Access Denied"]}