Merchant Session
  • Securing PayEngine Webcomponents
  • Access Token API
Powered by GitBook
On this page
  • Create/Refresh a merchant session
  • Delete a merchant session
Export as PDF

Access Token API

Create/Refresh a merchant session

POST /api/merchant/:merchantId/sessions

Creates a new merchant session

Headers

Name
Value

Content-Type

application/json

Authorization

Basic <API KEY>

Request

Property
Type
Description

access_token

string

Optional: If provided, invalidates existing token and provides a new one

expires_in

int

Optional: the value in seconds for the token expiration. default is 900 (15 min)

scope

string

Optional: readonly | default

Setting scope to readonly restricts actions like hiding the Refund button in the transaction widget. Note: if not provided, default will be applied.

Response

{
  access_token: "<Access Token>",
  expires_in: "<Duration>",
  scope: "default",
  type: "Session"
}
{
  "error": true,
  "message": "Unauthenticated"
}
{
    "success": false,
    "message": "Failed to validate",
    "errors": [
        {
            "field": "expires_in",
            "message": "expires_in must not be less than 60"
        }
    ]
}

Delete a merchant session

DELETE /api/merchant/:merchantId/sessions/:accessToken

Deletes a merchant session

Headers

Name
Value

Content-Type

application/json

Authorization

Basic <API KEY>

Response

no reponse body expected
PreviousSecuring PayEngine Webcomponents

Last updated 1 month ago