Authenticity token creation service

The authenticity token generation service is mandatory in some generic operations flows. As a result of this service, the merchant will obtain a token by the authenticity URL that will be needed for the next steps in the flow.

Detalhes da chamada#

  • Resource: /v1/token
  • HTTP method: GET
  • Request format: JSON
  • Response format: JSON
  • Header parameters:
ParameterDescriptionType (Size)Mandatory
merchant_idStore code on Carat Portal. The production and certification codes will be different.AN (<15)Yes
merchant_keyStore authentication key on Carat Portal. The production and certification keys will be different.AN (<80)Yes

Then, Carat Portal will send a POST HTTPS request (x-www-form-urlencoded) to the registered URL, this POST contains the information necessary to obtain the token to be used in generic operations.

Authenticity POST Simulation:

To use this example, don't forget to define the variable {{url}} with the value
esitef-homologacao.softwareexpress.com.br

curl -X POST \
https://merchantAuthenticityUrl.com \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'cache-control: no-cache' \
-d 'token=1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr

Response codes

See reference on API codes - response codes

Attention: It's essential that the merchant's Authenticity URL site receives the authenticity token and return HTTP 200. It is condition to Carat Portal consider this POST as successful.

If the authenticity POST has been successful, Carat Portal will return merchant request with a "responseCode": "0" code.