Appearance
Access Token B2B
Components
| Environment | URL |
|---|---|
| Staging | https://kronos-stage.ifortepay.id/auth/merchants/v1.0/access-token/b2b |
| Production | https://kronos.ifortepay.id/auth/merchants/v1.0/access-token/b2b |
ⓘ Whole service can be fully utilized in Production Environment.
Header Request
Details
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| Content-Type | Mandatory | String | String represents indicate the media type of the resource (e.g. application/json, application/pdf) |
| X-TIMESTAMP | Mandatory | String | Client's current local time in yyyy-MM-ddTHH:mm:ssTZD format |
| X-CLIENT-KEY | Mandatory | String | Client’s client_id (PJP Name) (given at completion registration process) |
| X-SIGNATURE | Mandatory | String | Non-Repudiation & Integrity checking. X-Signature: dengan algoritma asymmetric signature SHA256withRSA. (Private_Key, stringToSign). stringToSign = client_ID + ":" + X-TIMESTAMP |
Request Body
Details
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| grantType | Mandatory | String | client_credentials: Used to request access token using client credentials (OAuth 2.0 RFC 6749 & 6750) |
| additionalInfo | Optional | Object | Additional Information |
Example Request
Details
sh
curl --location 'https://kronos-stage.mcpayment.id/auth/merchants/v1.0/access-token/b2b' \
--header 'X-TIMESTAMP: 2020-12-18T10:55:00+07:00' \
--header 'X-CLIENT-KEY: MCP00000001' \
--header 'X-SIGNATURE: PKiS0Gh2OLs+ibZaL9oWbYAAFRjMjJiS0MCmMbmFImoItuPZwicceUOhidRiNMt1PDH2fDHKFDkrJ+LQzNSukDU4gn9GIlusaGOkLaycIaU/ENKThupw3Z1ng3J3zkbBHJ/bMO1jOXS9zHEfqblYCdzyoEFe9p9pS8nnzHcS82yn4iisd1CQWfzW5z/aGQVVkLIWQAZQqRJSfG1lFCtKlB1DYOdSKHm62Wfu9bCxUIVWYsAbwTY6yYJEajfQYSdhIZv8i8uW/l4KE357pf4HNWhfpws3TA2SqHSwqRCLecP1a7+x824wa6AIaapKyiKpRfEG45F1OCO3JMVRkhmcJg==' \
--header 'Content-Type: application/json' \
--data '{
"grantType": "client_credentials",
"additionalInfo": {}
}'Header Response
Details
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| X-TIMESTAMP | Mandatory | String | Client's current local time in yyyy-MM-ddTHH:mm:ssTZD format |
| X-CLIENT-KEY | Mandatory | String | Client’s client_id (PJP Name) (given at completion registration process) |
Response Body
Details
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| responseCode | Conditional | String | Refer to standar data dan spesifikasi teknis part 6 (Response Code). If access token failed to generate, this value must be filled. |
| responseMessage | Conditional | String | Refer to standar data dan spesifikasi teknis part 6 (Response Message). If access token failed to generate, this value must be filled. |
| accessToken | Mandatory | String (2048) | A string representing an authorization issued to the client that used to access protected resources |
| tokenType | Mandatory | String | The access token type provides the client with the information required to successfully utilize the access token to make a protected resource request (along with type-specific attributes). Token Type Value: - “Bearer”: includes the access token string in the request - “Mac”: issuing a Message Authentication Code (MAC) key together with the access token that is used to sign certain components of the HTTP requests Reference: OAuth2.0 RFC 6749 & 6750 |
| expiresIn | Mandatory | String | Session expiry in seconds: 900 (15 menit) |
| additionalInfo | Optional | Object | Additional information for custom use that are not provided by SNAP |
Example Response
Details
sh
{
"responseCode": "2007300",
"responseMessage": "Successful",
"accessToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJNQzIwMjYwMTYwNTgiLCJpYXQiOjE3Njg5NjU3MzcsImV4cCI6MTc2ODk2NjYzN30.whW6B-b_hkkPP7pJ_dqAFeqAenVNNYUo38OuFGBbv-5RIDU_kXQb_Am4luzqsDvEkHOamrqxiRYZ-Zkr6vUhBA",
"tokenType": "Bearer",
"expiresIn": "900"
}