Guides

Create a new Authentication

post https://api.test.payadvantage.com.au/v3/token

All requests to the Pay Advantage API need to be authenticated.
The Authentication API's are used to authenticate to Pay Advantage using either your API credentials or via Oauth2 protocol.

Your API credentials can be found in the Integration Section of your Pay Advantage portal. Use our helpful guide for step by step instructions.


This endpoint supports two types of requests:

  • Credential-based authentication (username and password)
  • OAuth2 PKCE authentication

    Credential-based authentication

    To authenticate and authorise your API requests an initial call is made to the /token endpoint with credentials passed as JSON in the request body.

    Your username and password credentials should be passed as JSON in the request body. A successful response will return an access token that must be included in any subsequent requests as an authorisation header of type Bearer. e.g. 'Authorization':'Bearer <access_token>'.

    The bearer token obtained from this call has an expiry. The seconds until expiry is populated in the expires_in field in the response message, after this time any request to the Pay Advantage API using an expired token will return a STATUS 401 unauthorised response. It is good practice keep using the same access token and monitor the expiry; if another API request is required once the current access token is expired, call the /token endpoint to request a new token.
    Please ensure these requests are made from a server and not from a browser. Exposing these tokens on a browser can result in security compromises.
    NOTE: When utilizing credential-based authentication, a refresh token will not be provided.

    OAuth2 PKCE authentication

    With OAuth2 authentication, you have the advantage of using refresh tokens to refresh your access token. By utilizing the refresh token, you can easily obtain a new access token without having to go through the entire authentication process again.

    To re-authenticate with a refresh token, simply call this endpoint again with a valid refresh token.
    To utilize our OAuth2 service, kindly get in touch with our support team. The support team guide you through the process of registering your application into the PayAdvantage system and granting the necessary authorization for OAuth2. For more information view the example of OAuth2 PKCE authentication on the https://www.oauth.com/playground
Language
Click Try It! to start a request and see the response here!