OAuth2for authorization to the API. It is not possible to interact with the API without a valid Partner ID token. All the authentication tokens are sent using Headers in order to receive the session token. To obtain a quote for a given “from” and “to currency” and “to amount”, or see the list of supported currencies per country, the calls to these endpoints do not require authentication. To call any endpoint of our API you need to obtain a token, by calling the token URL: [POST] https://api-demo.novemberfirst.com/token With the following data in the body of the POST request: grant_type=password&username=UserName&password=Password&appid=AppId&partnerid=PartnerId
The user name of the user that is going to login
The password of the user that is going to login
The AppId from the API Settings in the customer portal (Your App Key)
The PartnerId you obtain when becoming partner with November First. Ask support if you need the id again.
Here is an example of the request/response in raw form:
POST http://api.demo.novemberfirst.com/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=utf-8
"access_token": "Kv0CfU2oU47rfLasmdAS01UBqfbGo6t9G6sgdX... ",
".issued": "Mon, 07 Aug 2017 14:26:06 GMT", ".expires": "Mon, 07 Aug 2017 14:41:06 GMT"
After obtaining the access token, you append it on every request using the following header:
Authorization: Bearer [access_token]
Where [access_token] should be replaced with the token you just received.
Here is an example of a create payment request:
POST http://api.demo.novemberfirst.com/payments HTTP/1.1
Authorization: Bearer Kv0CfU2oU47rfLasmdAS01UBqfbGo6t9G6sgdX_...