Authentication

AccessToken is a resource that authorizes access to specific client data, such as their credit card information. To consume the methods of the Protected Card API, it is necessary to obtain the access_token in the OAuth 2.0 standard:

Environment	URL + Endpoint	Authorization
SANDBOX	`https://authsandbox.braspag.com.br/oauth2/token`	"Basic {base64}"
PRODUCTION	`https://auth.braspag.com.br/oauth2/token`	"Basic {base64}"

Concatenate ClientId and ClientSecret (ClientId:ClientSecret).
Encode the concatenation result in base64, creating a string.
Send a request to the authorization server using the alphanumeric code created (string) - see example below.

ℹ️
Request the support team to create the ClientId and ClientSecret for your store to use in both SANDBOX and PRODUCTION environments.

Request

--request POST "https://authsandbox.braspag.com.br/oauth2/token"
--header "Authorization: Basic _(Authorization)_"
--header "Content-Type: application/x-www-form-urlencoded"
--body "grant_type=client_credentials"

Parameters	Description
`Authorization`	Basic (Authorization)
`Content-Type`	application/x-www-form-urlencoded
`grant_type`	client_credentials

Response

{
  "access_token": "faSYkjfiod8ddJxFTU3vti_ ... _xD0i0jqcw",
  "token_type": "bearer",
  "expires_in": 599
}

Response	Description
`access_token`	The requested access token. The application can use this token to authenticate with the protected resource.
`token_type`	Indicates the value of the token type.
`expires_in`	Access token expiration, in seconds After the token expires, you need to generate a new token.

Request the support team to create the ClientId and ClientSecret for your store to use in both SANDBOX and PRODUCTION environments.

Request

Response

Request the support team to create the `ClientId` and `ClientSecret` for your store to use in both SANDBOX and PRODUCTION environments.