Scribd Logo
Upload

Welcome to Scribd!

  • API Authenticate

    Uploaded by

    Razozy Iany
    69 views2 pages
    This document provides instructions for authenticating API requests to the Mvola API using OAuth 2.0 client credentials grant flow. Developers must register an application to receive a consumer key and secret, then make a POST request to the authentication URL, passing the key and secret in the basic authentication header and a grant type of "client_credentials" in the request body to receive an access token. The access token should be included in subsequent requests to protected API endpoints. Standard HTTP response codes indicate success or error, with a 200 returned on success and the access token in the response body.

    Original Description:

    Original Title

    API_Authenticate

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides instructions for authenticating API requests to the Mvola API using OAuth 2.0 client credentials grant flow. Developers must register an application to receive a consumer key and secret, then make a POST request to the authentication URL, passing the key and secret in the basic authentication header and a grant type of "client_credentials" in the request body to receive an access token. The access token should be included in subsequent requests to protected API endpoints. Standard HTTP response codes indicate success or error, with a 200 returned on success and the access token in the response body.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    69 views2 pages

    API Authenticate

    Uploaded by

    Razozy Iany
    This document provides instructions for authenticating API requests to the Mvola API using OAuth 2.0 client credentials grant flow. Developers must register an application to receive a consumer key and secret, then make a POST request to the authentication URL, passing the key and secret in the basic authentication header and a grant type of "client_credentials" in the request body to receive an access token. The access token should be included in subsequent requests to protected API endpoints. Standard HTTP response codes indicate success or error, with a 200 returned on success and the access token in the response body.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 2

    DOCUMENTATION

    API Authentication
    Version : 1.0

    SANDBOX https://devapi.mvola.mg/token
    POST
    PRODUCTION https://api.mvola.mg/token

    Overview Authentication API to generate a token to be used by the other API.


    The request is secure, i.e. use https instead of http, and requires
    having a Consumer Key and Consumer Secret after accessing the
    developer portal to be used in 64Base encoding for basic access
    authentication

    API The API is organized around REST


    Reference Use Client Credentials as grant type and
    With form-encoded request body
    Return JSON-encoded responses and HTTP response code

    Request
    Headers Authorization Basic Base64(consumer-key:consumer-secret)

    Content-Type application/x-www-form-urlencoded

    Cache-Control no-cache

    Body
    urlencoded
    grant_type client_credentials.

    scope EXT_INT_MVOLA_SCOPE

    CURL curl --location --request POST 'https://devapi.mvola.mg/token' \


    Command --header 'Authorization: Basic Base64(consumer-key:consumer-
    secret)' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --header 'Cache-Control: no-cache' \
    --data-urlencode 'grant_type=client_credentials' \
    --data-urlencode 'scope=EXT_INT_MVOLA_SCOPE'

    1
    HTTP Error standard HTTP response code is used to indicate whether the
    request is a success or a failure.

    200 - OK Everything worked as expected.

    The request was unacceptable, often due


    400 - Bad Request
    to missing a required parameter.

    401 - Unauthorized No valid API key provided.

    The parameters were valid but the request


    402 - Request Failed
    failed.

    The API key doesn't have permissions to


    403 - Forbidden
    perform the request.

    404 - Not Found The requested resource doesn't exist.

    The request conflicts with another request


    409 - Conflict (perhaps due to using the same
    idempotent key).

    Too many requests hit the API too quickly.


    429 - Too Many
    We recommend an exponential backoff of
    Requests
    your requests.

    500, 502, 503, 504 -


    Something went wrong on the server
    Server Errors

    Responses
    Upon successful request FOUR (4) attributes will be return among
    body which the ACCESS_TOKEN that will be used by the other API

    Success
    {
    "access_token": "<ACCESS_TOKEN>",
    "scope": "EXT_INT_MVOLA_SCOPE",
    "token_type": "Bearer",
    "expires_in": 3600
    }

    Failed If failed request then details of error will be returned

    ErrorCategory Error category

    ErrorCode Error Code

    ErrorDescription description on the error

    ErrorDateTime Date and time when the error occurred

    Key/value which add more details on the


    ErrorParameters
    nature of the error

    You might also like