The Payment API 2.0 and additional services using the OAuth 2.0 protocol with JSON Web Tokens (JWT) for authentication and authorization. Ratepay will provide you with a set of credentials (client ID and client secret).
The credentials must be handled with care and confidentiality. They are not to be disclosed to any third parties.
To send a request, perform the following steps:
- Request an access token from the Ratepay authorization server.
- Extract the token from the response.
- Include the token in the request to the Payment API or additional service.
Do re-use the token for all requests (Payment API 2.0 and additional services) within it’s validity.
Validity (in seconds) can be also found in the response.