API Authentication
To access the Volt API as a merchant, PSP or TSP you’ll need two sets of credentials. One set is the client ID and secret, which tells us the application you’re using to access the API. The other set of credentials is the username and password which tells us whose data you’re accessing during this API session.
| To access the API |
client_id and client_secret
|
| To access your data |
username and password
|
Note for PSPs and TSPs
You should use your own client ID and secret, with the specific credentials (API username and password) of the individual merchant data you wish to access.
After a successful authentication you’ll receive an access_token, a refresh_token and expires_in indicating the validity of the access_token in seconds. The access_token allows you to communicate against with the Volt API.
Where to find username and password
Your username and password are available in Fuzebox. See how to generate customer credentials.
Go to Fuzebox > Configuration > Customers
Where to find client_id and client_secret
Your client_id and client_secret are available for each application you have created/access to in Fuzebox. See how to generate application credentials
Generate an access token
See the request and response as described in our API docs for authentication.
Using your access token
An access_token is valid for the number of seconds indicated by the expires_in value in the response. You also received a refresh_token in the authentication response, which will be valid for 24 hours, and which allows you to obtain a new access_token without needing to re-authenticate.
To access the other endpoints in our API, you need to send the access_token in an HTTP header called “Authorization” in the format “Bearer {access_token}”. Note that Authorization must be spelled with a “z” and there’s a single space between Bearer and your access token.
Authorization: Bearer eyJ...In0