Authorization Process for using API Services

Authorization to make API calls follows the OAuth2 protocol. To the register an establishment, the Automation Developer will have access the appropriate credentials to use the API. These credentials consist of a site_id and a site_secret corresponding to the establishment. As an initial step to start using the resources of the Omnichannel API, Automation must inform these two parameters to the API endpoint /auth-token to obtain authorization tokens. Done this step, the Automation must inform these tokens in all calls to API services.

[Generation of store secret_site]#

Automation can obtain a store's site_secret in two ways different options: in person via the customer service channel or "programmatically" via the API.

When starting the integration process, the Customer or Developer You can ask our support team for these credentials. Will fit Developer provides a way for Customer to install these credentials in Automation in a secure way.
If the Customer has a digital signature of the ICP-Brasil chain, the Automation can, at runtime, use the Omnichannel API to generate and download credentials. This section describes the endpoint for this purpose. With each call to the endpoint, a new site_secret is generated and the previous one loses its validity.

The site_secret is equivalent to a password associated with each site_id and serves the authentication purpose to obtain the auth-token. That is, he allows the application to carry out transactions with the Omni API on behalf of the site_id. Therefore it must be stored securely in the application.

We also recommend that the automation renew the site_secret periodically. If you use this endpoint, it is possible, for example, to renew the site_secret daily.

Call details#

The details of this operation are still under discussion (parameters may change).

Resource: /v1/site_secret
HTTP Method: [POST]
Content-Type: application/json;charset=UTF-8
Body parameters:

Parameter	Description	Type	Size	Required
certificate_chain	Certificate chain file for signature validation. It must contain the ICP Certificate (public key signed by the CA) corresponding to the CNPJ of the store associated with the informed site_id. We recommend that it also contains the intermediate certificates from the CA that signed the store certificate. The format must be a PEM string with the sequence “\n” in place of line breaks.	String
jwt	The content of this parameter must be an encoded JSON Web Token (JWT), that is, a String in the format: `<Header encoded in Base64Url>.<Payload encoded in Base64Url>.<Signature of (Header + "." + Payload) encoded in Base64Url>` Follow the Header and Payload specifications informed in the jwt content table below.	String

jwt content
Header
Parameter	Description	Type	Size	Required
alg	RS256 Value	String		YES
typ	JWT Value	String		YES
Payload
Parameter	Description	Type	Size	Required
iss	Full and unmodified content of the Common Name field of the ICP certificate (normally in the format “Business Name:CNPJ)	String		YES
sub	Site_id value	String		YES
aud	“omnichannel” value
iat	Time of creation of this JWT in RFC 7519 NumericDate format (number of seconds since 1970-01-01T00:00:00Z UTC)	Number		YES
clientId	ClientId value	String		YES
`Gateway extra parameter`	Extra Gateway parameters are additional store identification parameters defined by the Payment Gateway (that is, it is up to the Payment Gateway to specify and inform these parameters to the Automation). The Omni server will use these and other Payload parameters to authenticate the store with the Payment Gateway. The extra parameters will be passed to the Gateway without change. For example, if the Automation is integrating with the Bin Acquirer Gateway, the extra parameters should be: "institutionNumber": [String], "serviceContractId": [String], "terminalId": [String], "merchantId": [String]	String		YES

Response#

Content-Type: application/json;charset=UTF-8

Parameter	Description	Type	Size	Required
site_secret	Authorization token for access to API services	String

Example#

Unencoded JWT content (for illustration only for reproduction example, as it is not sent in this format):

- Header:
    {
    "alg":"RS256",
    "typ":"JWT"
    }

- Payload:
    {
    "iss": "Loja Fiserv Teste 01:00111222000181",
    "sub": "SITEID000000000",
    "aud": "omnichannel",
    "iat": 1692239022,
    "clientId": "CLIENTID00000",
    "institutionNumber": "00000004",
    "serviceContractId": "110",
    "terminalId": "GPRG0V7A"
    }

- Verify Signature:
    RSASHA256(
    base64UrlEncode(Header) + "." +
    base64UrlEncode(Payload),
    Chave Privada do Cliente
    )

-   Chave privada do Cliente:\
    \-\-\-\--BEGIN RSA PRIVATE KEY\-\-\-\--
    MIIEpAIBAAKCAQEAyNDjmnCpBK9i6SIanVeHkh3HOp4vPgwfdSxRpaAy57YE8IZw\
    qJKHJ7iiDGgTwnKerwYuwUpi4T4eMcI0gesHq4K28gkkJSOJjHJx3kh43ZazVk2z\
    WYQOCc70ahvsfgGlyy3wb1idMla+KgeYgbs1EG+6Q/5OooFISkiS4DgZqKKOiDdz\
    UsEVzdLll5Uc15iSMaCnULp8rq0YEA2w3bx5n0LY3tvtfrVgiyE8+tFSFmbzghU7\
    9DBvFomN4i/sup786z24URFXo+nx6qZK2mi7xHGEXG8Aolo1Z4tB6LvRIkEhpHOu\
    T9Lv0mXHgZKMPFjaCvF5NfFKYa4Sh5Kml7p3MwIDAQABAoIBAQCIVKfwFUPpllgE\
    Bc8jumSjYev7c6CG8xv4JFpZouRsQjogQGUDTFbNNJ9u5MllXQM1t3DOcH2ohM9i\
    4IFdIf5XBarFrkcHn5Sl8Jw1V+YWKVUe5ik4QFp3djSgRMzMzrmLsmhkbzhpEFKR\
    ng5/JGTl/7PorSEdWb+GDrcH2Y4x2NYG/BDSjWEQan35dwhDVWxowoslE0UZTT7m\
    6NiMmlN90wwzeVIshP2y4xI8GnnbbG/ivoUh0FsizfLgWCOAwaXCh62CVfi5CWi2\
    BQsW7no23lVG/xd60I7/pKXwpLKtYfeJGOjSkqMRiMRMTVAm+IE3nV3+9IHZmExm\
    ZOQjr8phAoGBAOlLOJDGIKlBizvx6BTvZg3Hv64ktauzgsuwPMjUSKt69k4b+uTT\
    cqT5DPVCvxrNfFSKLTobNQa5kK3VDlf8jwSC847DCpsvGqKfem2A2ERy4dwHMKhh\
    DC4cecTqw8I+MFicAHRSCYpdQao7c0mqALzFhiXitCW+28pFnBOUl+pPAoGBANxc\
    chP4pe1JH6XxIzRzf+tfLsQN/izmts5XWQuiJJARht/VppyCWBnpTZT8g8kZbC2x\
    AU1EXPzFaOGgTBF7CPWNbaD4UHW2ddyoSA1WSYDLDmEdouJ5dkuCd+XGDKksiYqq\
    rtNG1zIzjFcmxBINudBC0580edR8AVBvhrR5KH/dAoGBANZicqPP/nmrqsi2f8Cl\
    UtI9Cm98eppDx2FpHiKrufAjei7DVadsjIEAASFtafK2fJevtuob0HnSkxq7nIfM\
    ppzNvgYmRBvhiIeDKF1ytssIC3hH/zXsoOXK8ze7SZO51HHJQj2imfPVyR8nrMU3\
    /Z97oNA16bh6EL5rg4cW2RfPAoGAUdV6//OtGwu21xdP7aCe9rfoVCKmK+KaLNK/\
    XNSgI2h+4A0lzKWTNjwv9Y45Gqt4Qxei1iD3L1/YbUHsPemlEBuvhMHyj2RtLL7J\
    0zoiHdRKyMIKxXQ5/By9jfUYqpLBmV99gTSjoh8GlS7uTY4PXUoT8OG6BLDwhACG\
    0+rSoXkCgYBzWJeASuu/lA9pH6hzhrazvuBs2h5j8qayrr+F0vHjLQ6mmgI4lmv2\
    njQDfUD2slNm6LKNM0fyfrijD66lPRWxyMzhht3OidP5VF5AMbvVCF5SUshx4gtg\
    a1mqEu0UFkzQ+ltgPgvtiErZ7I4igj5lFMPODzEbnkp1dcAuXb6jSw==\
    \-\-\-\--END RSA PRIVATE KEY\-\-\-\--

Request and Response

POST /v1/site_secret HTTP/1.1
Host: server.example.com
Content-Type: application/json;charset=UTF-8

{
"jwt":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJMb2phIEZpc2VydiBUZXN0ZSAwMTowMDExMTIyMjAwMDE4MSIsInN1YiI6IlNJVEVJRDAwMDAwMDAwMCIsImF1ZCI6Im9tbmljaGFubmVsIiwiaWF0IjoxNjkyMjM5MDIyLCJjbGllbnRfaWQiOiJDTElFTlRJRDAwMDAwIiwiaW5zdGl0dXRpb25OdW1iZXIiOiIwMDAwMDAwNCIsInNlcnZpY2VDb250cmFjdElkIjoiMTEwIiwidGVybWluYWxJZCI6IkdQUkcwVjdBIn0.a_5tXe1JxxmsOzoPiRUqIzqY1iOfWnFi-a4OTLWpNyhYsfMHUUZmZksiKCV3TZch9asrVpDbyw5VikX0OrsAok4jk4wHlqsmfyoonx3AGT4sE37jXntoic_-6QWDaZea3ZB66rauiniGEFF39Bk-2Lle5YttizxLsOCKzYpffXZa2jL7uwGwtP6tzx7TH1kqeMv98pSVaA1G1fGKFh5lhXJMEdTMyxlTSF9PO91hH2ZaKPeaIgLhJsW7AEaG73CZNNILqCGs03Pmb-4kiENMzqA2ICAS-5Knw0A_lrNIZt-c6Chn3mpOx_Q6GZZKVlkqD9glJJ3O5WT4rfbnoQTNjQ",
"certificate_chain":"-----BEGIN CERTIFICATE-----\nMIIF7TCCA9WgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgYUxCzAJBgNVBAYTAkJS\nMRkwFwYDVQQKDBBURVNURSBJQ1AtQnJhc2lsMTwwOgYDVQQLDDNURVNURSBTZWNy\nZXRhcmlhIGRhIFJlY2VpdGEgRmVkZXJhbCBkbyBCcmFzaWwgLSBSRkIxHTAbBgNV\nBAMMFEFDIE9tbmljaGFubmVsIFRFU1RFMB4XDTIzMDkwNDE2MTQxOVoXDTQ4MDQy\nNDE2MTQxOVowggEjMQswCQYDVQQGEwJCUjELMAkGA1UECAwCUlMxFTATBgNVBAcM\nDFBvcnRvIEFsZWdyZTEZMBcGA1UECgwQVEVTVEUgSUNQLUJyYXNpbDE8MDoGA1UE\nCwwzVEVTVEUgU2VjcmV0YXJpYSBkYSBSZWNlaXRhIEZlZGVyYWwgZG8gQnJhc2ls\nIC0gUkZCMRYwFAYDVQQLDA1SRkIgZS1DTlBKIEExMR0wGwYDVQQLDBRBQyBPbW5p\nY2hhbm5lbCBURVNURTEXMBUGA1UECwwONjIxNzM2MjAwMDAxODAxGTAXBgNVBAsM\nEFZJREVPQ09ORkVSRU5DSUExLDAqBgNVBAMMI0xvamEgRmlzZXJ2IFRlc3RlIDAx\nOjAwMTExMjIyMDAwMTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nyNDjmnCpBK9i6SIanVeHkh3HOp4vPgwfdSxRpaAy57YE8IZwqJKHJ7iiDGgTwnKe\nrwYuwUpi4T4eMcI0gesHq4K28gkkJSOJjHJx3kh43ZazVk2zWYQOCc70ahvsfgGl\nyy3wb1idMla+KgeYgbs1EG+6Q/5OooFISkiS4DgZqKKOiDdzUsEVzdLll5Uc15iS\nMaCnULp8rq0YEA2w3bx5n0LY3tvtfrVgiyE8+tFSFmbzghU79DBvFomN4i/sup78\n6z24URFXo+nx6qZK2mi7xHGEXG8Aolo1Z4tB6LvRIkEhpHOuT9Lv0mXHgZKMPFja\nCvF5NfFKYa4Sh5Kml7p3MwIDAQABo4HFMIHCMAkGA1UdEwQCMAAwEQYJYIZIAYb4\nQgEBBAQDAgWgMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBDbGll\nbnQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFN8jLkrN2qAVRNBq2l7k+T0YdAd1MB8G\nA1UdIwQYMBaAFFL4pFDfbP+MZSC15Fj4CGbMmPVxMA4GA1UdDwEB/wQEAwIF4DAd\nBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggIB\nAAE8ONhnz42mYSD80WupxdQeQZIMWCWQvCWR7w4dGSIEpYOcMdydD4jTrBAP2Z7u\nvrjkHoBMJiM07Ondl3PYZNobU4a7sbxndebFDZ1HgmugYYC9d3miUtX1P9Z9bogQ\n2REgJltEtg0fnVZzPhe4b4lRVBK+80apcnPnS6IekxEnbnmvMXlPuYskcXv9+AUa\nufYCIC9Wb+97SDEwbc2e08IoC6Lp57XTs0nUV8iPzxwhGhgKqNP+Ys+wWlkZCwjX\nxaYvgIhGbwBYvgiR3ADi1Ih9Uj/WvclaOKY1P49dlmYq3TfgTkNVdZd7KvL33VMz\nY/bNWVRCk8rQ54Ks6j4LUcAmZTUtYh4boONCYjtipZFg2ODztt1lYavI+y+by8kf\ndiI3y52c3+ri1lrJnyBv1QTiPKBD0OTwfgAR7XvYo3bVGV7nQlKsTlcoU9LxgC8s\nKgZsF63QIJU6ZcQlxtUgglz+1+DQ9mEr/ICoEUaZXWgWQIUifyP7aSTeEg24Z1a1\nqEiCnSiHq0NyunxGeO053pAwIYYLnZzJ7ugmJ9DMDy/fLPEqtUQw+SYy2O4UIP/I\nGon1hjgETdPIpAdQxHYE69vfvopd5wgiyU4oD3QqyqV6L7eOLTCh9dkCG6+0kWx2\nQbPFnds2ae3f7fUJrxO6ugk7ngg8FoQ5L2rDOtB1En7R\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIGDTCCA/WgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgaIxCzAJBgNVBAYTAkJS\nMRkwFwYDVQQKDBBURVNURSBJQ1AtQnJhc2lsMTowOAYDVQQLDDFURVNURSBBdXRv\ncmlkYWRlIENlcnRpZmljYWRvcmEgUmFpeiBCcmFzaWxlaXJhIHY1MTwwOgYDVQQD\nDDNURVNURSBBQyBTZWNyZXRhcmlhIGRhIFJlY2VpdGEgRmVkZXJhbCBkbyBCcmFz\naWwgdjQwIBcNMjMwOTA0MTYxNDE4WhgPMjA1MTAxMTkxNjE0MThaMIGFMQswCQYD\nVQQGEwJCUjEZMBcGA1UECgwQVEVTVEUgSUNQLUJyYXNpbDE8MDoGA1UECwwzVEVT\nVEUgU2VjcmV0YXJpYSBkYSBSZWNlaXRhIEZlZGVyYWwgZG8gQnJhc2lsIC0gUkZC\nMR0wGwYDVQQDDBRBQyBPbW5pY2hhbm5lbCBURVNURTCCAiIwDQYJKoZIhvcNAQEB\nBQADggIPADCCAgoCggIBAKlRkS2pq8dij/eIQ5kMu/JOLovPHON6LnZSQGibrZtM\nuZgNl3ysfNktNxMx0uGXRqi+qgjlPoRzAmTOc69SSnMQYLdpUmFT/D7ti48yrkye\nOqzz6uusSy5ibU2SGQWu5CyAIj3CAIdYFufMhBZNMbAHkYXgUN2Y3UfvtglFbtel\nhHHHZwGe2z1xuLd9tJ1K0gkVT/66Bf8wilx6+DBz4UY8cZLKy4/Fpq8buFOnEAEk\nqIH0VOc2aY4JUMTlgOnkbw2L5EN3iC9ewJ0JjLCt5ug3D5Jugn14rKtG/KFmV7h1\nzd9hjtnJgknAzazkUgnLOzEK6XMPZteG5B5DWcliziyIrkKGpzF6X/WbQOV2LIZn\nu14nPbi3Vhgt3ZDI5so78/PnSfr12PocxxBEGG5fvXnYmYj0e7MAwgKqswne0PSG\ncsl1ZwynFGE1hY+mTY0BlXQ3dnosZtZmFDWT4tkqZQYlDNbh0CK3/rhVEMPe4mwR\nQu8FudOUOEPVcBlcewf1Tsbx1GKV0xiwzHrr4V8J+zEATLjevdEgHFxM96EeJ/zp\nyHK+f1f1bkG18U1POS7NtqaNONVTSkK8mrPKTMU3gEjPI/0k4vplilFSz7gfW20I\nAhu0UX12jIjGsu+fhcLOK3m91bwND7cwLMEppVmqxiYXz4zcrmJiB+wPClRK5ynR\nAgMBAAGjZjBkMB0GA1UdDgQWBBRS+KRQ32z/jGUgteRY+AhmzJj1cTAfBgNVHSME\nGDAWgBQ4ETqdCjGDvuN/71R9AtopKsFFJDASBgNVHRMBAf8ECDAGAQH/AgEAMA4G\nA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAr79B9i8LTaHXvK2hmLeB\n8twLJ1ZiHKiRs5ir2VURy/5PV7IS4bIfQGLKyZvl8EyGwjV+LhH15xcLHvkeLpiR\nyQk0nFo2dkAyhZCsQcukXoOlSKWsSMQZ9MkQHeE+4UxcWOQTTgVmSt+R9SXLN89F\nVSFmqzqZHwEFdkzHNULhb/eAQ0+evM6b88Pu4qmbKhZt4cF1azixKQJpa3fYM0WE\nYh0UiA9ShMIseXJyqFI/Ai1Sn7CigfnZ53yDh8A0jOK3TOZdIdXlOzHuz6gRteCh\n3rfjyOybYX39bazi26566aNHSW0Q8kx4R5IL3xz4WGisKUBnUaP7tzlwJUtj3cIi\n8bsl6GEhOoboRQ13J7Inzt7hCF0+AvTgkO19pXSdCqPZwj1NauJFGyguvwojpPhc\nZNfwbuF0qktJB5A7pbK1qLSI5KUy1u+q2AskVz8LQKctJeT4TnVgGF1HaEQrxvOC\nORy+2aR5cXp9vXOoTDYoa3cWcfzw5pJR17FjVBp/EEXl97CUMvDuPX1mBhOPjs8j\ni0bfbgcxN8Rjaaz8F2MMFglccpuiDyKcM3hGrLLXAgK18iGkux90OWtfLMtz8Nl8\niXZ9bH0qhWCNUg86mYpffeWPiENJQCjL6UiZ7P5tYKyELDigGxJ4Ep78n1eM7aFs\nYW6YOoNjbJc+Mw8QcD2hXS0=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIGMTCCBBmgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgakxCzAJBgNVBAYTAkJS\nMRkwFwYDVQQKDBBURVNURSBJQ1AtQnJhc2lsMUMwQQYDVQQLDDpURVNURSBJbnN0\naXR1dG8gTmFjaW9uYWwgZGUgVGVjbm9sb2dpYSBkYSBJbmZvcm1hY2FvIC0gSVRJ\nMTowOAYDVQQDDDFURVNURSBBdXRvcmlkYWRlIENlcnRpZmljYWRvcmEgUmFpeiBC\ncmFzaWxlaXJhIHY1MCAXDTIzMDkwNDE2MTQxNloYDzIwNTEwMTE5MTYxNDE2WjCB\nojELMAkGA1UEBhMCQlIxGTAXBgNVBAoMEFRFU1RFIElDUC1CcmFzaWwxOjA4BgNV\nBAsMMVRFU1RFIEF1dG9yaWRhZGUgQ2VydGlmaWNhZG9yYSBSYWl6IEJyYXNpbGVp\ncmEgdjUxPDA6BgNVBAMMM1RFU1RFIEFDIFNlY3JldGFyaWEgZGEgUmVjZWl0YSBG\nZWRlcmFsIGRvIEJyYXNpbCB2NDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC\nggIBANgqdQRoWs2nxxHLoY5SY+3hICOXfcNQXIMlKrEZ6NjrvXQyqbxHB4/w8gli\nl2T03pkMYR4Q1QSXiW7Dq6+6d2pqDo60F7wIEUmUIggJg0kXI8ziE2LOAKR7EcM9\nOQdgT5q0/ZLEpywZgCiymdZcGx7MQ2/vRHYa15QSIUhaDIjDeJPucxGJRf+i5mSf\nZmIWPsJ8eBg+m/N1Ss381gaR3tI3oy7Ax1dL8TSG4NNFUJiau7QCjLLGVNKeiorH\nRwMA2Bzjn5HMe2Okk0FT7ro30rtLdVmka2Fz8Xf+K1xFK0Ks/c7E4+z7mRfw2RZa\nWn281V9T5gYTgyAAAaMxbckM+/FGfotcHYUQMyzYIMWefNXDXxnOOya2V8qvoDNK\njZD5YELHytp7nX11Lk8yVxmVcaHXqQM6XIp7u5haXVGWK2+YGR3P1UqQNH5xdga2\nW4/s04K7Rgqv3k0y9T331DDFyolyRXkKPNKkOIxAf1aDLeIUJ5uleY+MfWKbzfpz\n1bIRDyC70m4q4ZU8lI48p74EXF0JZIDgF4wve7HqSnvWQ+bz7+Uf0ZT68ZKnCZuU\n2ohhBw5ajOMRVIA1B6haMVA7JLH+ueFh6p9RPSk1byVQzNujlu87xkTcf6D3bEBj\n3IvqbFQQCGafuPUIF/k1AV2Au4CbD/HcFn6VvMSQjQqQdvSxAgMBAAGjZjBkMB0G\nA1UdDgQWBBQ4ETqdCjGDvuN/71R9AtopKsFFJDAfBgNVHSMEGDAWgBQbxNpySzfl\nc4IsRjD2Xjy9SDD+XzASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQEAwIB\nhjANBgkqhkiG9w0BAQsFAAOCAgEARcyDf5I4Re3rBiyUf4/zzk4/7mS3yWN9puvj\nNEgryzIQDz04cJ+uRUfkVj1Dd8r3YRitT4OGKFM6a38LBxhb2o+TrvfGH2BOVrdP\nPdFjHX8UvdoC1vQSyxw6VhZodHnlxq0qa/v1T9KaPMWnNX1k+2b0BsE4rJP8E5/8\nQPSDQ/t8Ak2wG66ncdwfBLnZRizEu8cI1QkawUqafGYKWhvrxRLMexthxA4hijM3\nF2zW24ixOXheYovYKz78NQWGVn5CymnnVpvjINBh1h0r1PetWUju2v/EolJZn60g\nVM/IRSQMBzASZrfLRSJRuETceEhE7xt2e41SD1Yg8mpcKRd40kZHtne/nyaUs+un\nFfte+f/8x5h6KTnCNMeBE7X2nJ38aytR4TmluT0RhEpLrOwTpkUPqvagZTtXSCHQ\nYasPKHiqS1Ve9AEQ/gvtCKK9aw+iwzADmQPc8WiqpMNDyS5dZTs4e7+f5vhWXdxo\n/MEBZ8UTnHhJH1hTVcxrSPQyqKEzYsLep4+p5HPDjElhHqxw3ErPpgpgl/rJvSCw\n4DZfnIE4gVH0vNmQrCGAmH4OzmXTLsv8IR/euChxjhIiU59ZCAKLtVdXDlhy7nnl\nanKccMVgayWyqm/3dcD603zUnyeIuQyUWKLXpohkZQeirpxEpJuGlfKxcqE8TR/I\n6GLayoQ=\n-----END CERTIFICATE-----\n"
} 

HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache

{
  "site_secret":"siteSecretExample123",
}

Token#

Before calling any API service, Automation must first generate an authorization token via the /auth-token endpoint. Each token has an expiration time, so the Automation also needs to generate the token whenever this validity expires.

Call details#

Resource: /v1/auth-token
HTTP Method: POST
Content-Type: application/x-www-form-urlencoded
Body parameters:

Parameter	Description	Type	Size	Required
grant_type	Authorization type (always use the value “client_credentials”)	AN	??	YES
site_id	Store identification requesting API resource	AN	??	YES
site_secret	Store password	AN	??	YES
client_id
~~terminal_id~~

Response#

Content-Type: application/json;charset=UTF-8
Body:

Parameter	Description	Type	Size	Required
access_token	Authorization token for access to API services	AN	??	YES
token_type	Token type (always “Bearer”)	AN	??	YES
expires_in	Time in seconds	N	??	YES

Example#

Request and Response

POST /v1/auth-token HTTP/1.1
Host: server.example.com
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&client_id=CLIENTID00000&site_id=SITEID000000000&site_secret=siteSecretExample123


HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache

{
  "access_token":"accessTokenExample456",
  "token_type":"Bearer",
  "expires_in":3600
}

Token usage#

In other API calls, Automation must include the token in the field "Authorization" header, in the following format:

Authorization: Bearer access_token value

If the call results in an HTTP 401 error, the Automation must generate a new token.

Secret exchange and shipping policy#

Good practice requires that the site_secret should be changed from time to time. times and the automation is responsible for changing the site_secret.

Fiserv's security area determines that the process of passing the site_secret must be done in a way that meets security standards, cannot involve clear sending by email or by means already considered insecure.

Home

[Generation of store secret_site]#

Call details#

Response#

Example#

Token#

Call details#

Response#

Example#

Token usage#

Secret exchange and shipping policy#