Authenticating
Authenticating to the API
Your API Credentials
Gravity Payments will provide an API Key and Secret pair for you to use in the sandbox environment, and a separate pair for the production environment. If you haven’t yet received these credentials, please reach out to our Developer Support team.
Alternatively, as a Developer you can create a non expiring partner authorization token tied to your Gravity Payments partner account. You will need a separate token for the sandbox and production environments. You can create this authorization token within our service portal, Dashboard. If you haven’t been provided with an account for our Dashboard product, please reach out to our Developer Support team so they can create an account for you. This authorization token will be submitted in the Authorization
header to authenticate your API requests just as an authorization token obtained using your API Key and Secret pair would be included in your requests.
To submit accounts to the API, you will first need to retrieve an authentication token by authenticating with your API Key and Secret. You’ll then use this authentication token with the Authorization
header in subsequent requests to claim your access to the API. Tokens last for 24 hours, after which time you’ll need to retrieve another.
To retrieve a token, you will POST a JSON object to the /auth
endpoint as follows:
Endpoint
{base-url}/auth
Request Headers
Content-Type: application/json
Request Body
{
"apiKey":"{your API Key goes here}",
"secret":"{your API Secret goes here}"
}
This request will prompt the server to authenticate your access and respond with an authentication token. The response body after a successful request will contain a JSON object that looks like the following:
Response Body
{
"AccessToken": "{token string}"
}
Code Example
const url = 'https://api.account.gravitypayments.com/v2/auth';
const requestBody = {
apiKey: 'my-api-key',
secret: 'my-api-secret'
};
const options = {
method: 'POST',
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify(requestBody)
};
fetch(url, options)
.then(res => res.json())
.then(json => console.log(JSON.stringify(json)))
.catch(err => console.error('Error: ' + JSON.stringify(err)));
curl --request POST \
--url https://api.account.gravitypayments.com/v2/auth \
--header 'Content-Type: application/json' \
--data '{"apiKey": "my-api-key", "secret": "my-api-secret"}'