POST /authentication/getToken

Request

Authentication is performed by posting to /authentication/getToken with the following body:

{
    "key": "string",
    "secret": "string"
}

Field	Mandatory	Description
key	Yes	The key provided to you by 6DOT50. It is uniquely linked to your Merchant account.
secret	Yes	The secret provided to you by 6DOT50.

The key/secret will be different between the Test and Production environments.

Sample Request

{
    "key": "00000000-0000-0000-0000-000000000000",
    "secret": "supersecretpassword"
}

Response

If successfully authenticated, the operation will return a token. This token is to be used in subsequent requests to other operations by supplying an Authorization header with the value bearer [token].

{
  "success": true,
  "token": "string",
  "expiresAt": "2022-09-24T13:31:00.557Z"
}

Field	Response Type	Description
success	boolean	Whether authentication was successful or not.
token	string	If success is true, this is the Bearer token to be used for subsequent calls to the API.
expiresAt	string($date-time)	If success is true, this is the date and time that the token will expire. Tokens expire every 15 minutes and must be refreshed. See Token Expiry and Refresh for more information.

Sample Response (Success)

{
  "success": true,
  "token": "eyJhbGciOiJIzI1NiIsInR5cCI6IkXVCJ9.eyJpZC…",
  "expiresAt": "2022-09-24T13:31:00.557Z"
}

Sample Response (Failed)

{
  "success": false
}

Token Expiry and Refresh

Tokens expire after 15 minutes. Field expiresAt in the response model can be used to track token expiry.

Call the authentication/getToken operation again to re-authenticate and receive a new token.