Authentication

Introduction

Regardless of how you choose to implement the UNIPaaS solution, you will need to perform one server-to-server call to initiate your connection with UNIPaaS.

Server to server

When it's used:

  • Hosted onboarding link
  • Checkout page
  • Pay-in API
  • Account API
  • Payout API

Basic authentication is enforced when performing an API request from your server to UNIPaaS. To access restricted API endpoints, send an Authorization: Bearer header carrying the private_key provided to you in your portal account settings.

Example of a checkout create API request:

curl --location --request POST 'https://sandbox.unipaas.com/platform/pay-ins/checkout' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{PRIVATE_KEY}}' \
--data-raw '{
    "amount": 10,
    "currency": "GBP",
    "orderId": "1000456",
    "description": "Iphone case",
    "email": "[email protected]",
    "country": "GB",
    "items": [
        {
            "itemName": "Iphone case",
            "itemAmount": 10,
            "vendorId": "5ee8e655a65f08fcd71fe4d9",
            "platformFee": "15"
        }
    ]
}'

Client to server

When it's used: Onboarding Embedded UI

OAuth 2.0 authorization is enforced when performing an API request from a client application, such as a drop-in UI, to UNIPaaS. This mechanism lets the client application communicate with UNIPaaS without compromising your private_key: before any API request from a client application, a temporary accessToken must be granted using the authorization API endpoint:

curl --request POST \
  --url https://sandbox.unipaas.com/platform/authorize \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Bearer {{private_key}}' \
  --data-raw '{
      "vendorId": "5140332a9d0ca8037a72c1812",
      "scopes": ["onboarding_write"]
  }'
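
The authorize call above has to run on your backend so the private_key never reaches the browser. The sketch below is an added example, not UNIPaaS code: it builds that request server-side, restricts the scopes a client token may carry, and passes only the token on to the client. The environment variable name, the scope allowlist and the `accessToken` response field name are assumptions.

```python
import json
import os
import urllib.request

AUTHORIZE_URL = "https://sandbox.unipaas.com/platform/authorize"  # from the page
ALLOWED_SCOPES = {"onboarding_write"}  # assumption: only the scope shown on the page


def build_authorize_request(private_key, vendor_id, scopes):
    """Build the server-side authorize call; the key appears only in the header."""
    if not private_key:
        raise ValueError("private key is not configured")
    requested = set(scopes)
    if not requested or not requested <= ALLOWED_SCOPES:
        raise ValueError("scope not permitted for client tokens")
    body = json.dumps({"vendorId": vendor_id, "scopes": sorted(requested)})
    return urllib.request.Request(
        AUTHORIZE_URL,
        data=body.encode("utf-8"),
        method="POST",
        headers={
            "Accept": "application/json",
            "Content-Type": "application/json",
            "Authorization": f"Bearer {private_key}",
        },
    )


def client_payload(response_body):
    """Keep only what the browser needs from the authorize response.
    Assumes the token is returned in an 'accessToken' JSON field."""
    token = json.loads(response_body).get("accessToken")
    if not isinstance(token, str) or not token:
        raise ValueError("authorize response carried no accessToken")
    return {"accessToken": token}


def issue_client_token(vendor_id, scopes=("onboarding_write",)):
    """Call from a backend route after authenticating the user; vendor_id
    should come from your own session data, not from client input."""
    key = os.environ.get("UNIPAAS_PRIVATE_KEY", "")  # hypothetical variable name
    request = build_authorize_request(key, vendor_id, scopes)
    with urllib.request.urlopen(request, timeout=10) as response:
        return client_payload(response.read())
```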