API Platform authentication
The API platform replaces the need to call individual merchant URL’s by using a Client-Id
header to differentiate between merchants instead. It uses a Bearer token for authentication, which replaces the need for authenticating through a separate API key and secret for each client.
Below you will find instructions for generating a bearer token and other details for QA and PROD environments.
General info
Existing endpoints remain unchanged, however, we released 2 additional endpoints that can only be accessed by API platform users:
GET
/external/integrations
- Lists all clients that the integration has access to.
GET
/external/message-log
- Lists all of the failed webhooks.
Things to note
-
Once a Partner is created in Revel’s API platform, we send an automated email that allows you to recover your API credentials(Client ID and Client secret) required for generating a bearer token:
This is a link that can be used only once and it will not be valid in 72 hours. If you need another link generated, contact our support team.
- The Client ID and Client secret are only used to generate a bearer token. The same Client ID and Client secret will be used for all merchants.
- The Client-Id header must be used to differentiate between different merchants. The
Client-Id
is the merchant's Revel URL without “.revelup.com”. Example: for https://exampleurl.revelup.com/ theClient-Id
will be “exampleurl”. - A Bearer token is used for authentication instead of an API Key and Secret. The same Bearer token is used for all merchants.
- A new token needs to be generated once every 24 hours. Generating new tokens doesn’t expire the old one(s), therefore, a new token can be generated while the old one is still being used without interruption.
QA Environment
The baseURL
to be used is https://api.qa.revelup.io/. The same baseURL
is used for all merchants.
Generating a bearer token for QA environment
To generate a Bearer token make a POST
call to https://authentication.qa.revelup.com/oauth/token with the following body:
{
"grant_type": "client_credentials",
"client_id": "",
"client_secret": "",
"audience": "https://api.revelsystems.com"
}
Use the client_id
and client_secret
that were fetched in the steps above.
PROD environment
The baseURL
to be used is https://api.revelsystems.com/. The same baseURL
is used for all merchants.
Generating a bearer token for PROD environment
To generate a Bearer token make a POST
call to https://authentication.revelup.com/oauth/token with the following body:
{
"grant_type": "client_credentials",
"client_id": "",
"client_secret": "",
"audience": "https://api.revelsystems.com"
}
Use the client_id
and client_secret
that were fetched in the steps above.
Updated 6 months ago