In order to retrieve a session token, you have to build a valid initializationToken using your apiSignature .
All fields in token generation are mandatory. However, you can keep your data secret by using fake values.
You have to provide true values for fields : amount , iat , notificationKey.
Future version of our api will introduce optionnal fields for the token.
The token should be signed with you apiSignature, available in your backoffice. It will only work one time.
Note: A list of jwt librabry is avaivalable here.
Token can be verified on https://jwt.io
PHP sample :
//composer require firebase/php-jwt
<?php
use \Firebase\JWT\JWT;
$signature = "monApiSignature";
$criteria=array(
"amount" => 100, // Amount to convert : Mandatory
"cp" => "75000", // User's zipcode : use 99 for anonymous token
"age" => 40, // User's age : use 99 for anonymous token
"gender" => "M", // User's gender (M ou F)
"userId" => "u-1234", // User's unique ID
"iat" => time(), // Timestamp in seconds
"notificationKey" => "12345" // A key generate by you allowing to identify transaction
);
$jwt = JWT::encode($criteria, $signature);
?>In order to perform that all our endpoint work with a token authentication connected with a user session.
That sessionToken will allow you to perfom all actions on our API.
You can retrieve a sessionToken using our /token endpoint which is describe here.
This endpoint use your account apiKey to authenticate you has a platform.
We hardly recommend you to keep this session creation request on your backend to prevent your apiKey to be accessible to third parties.