Authentication Scopes
We will provide a clear explanation of how bearer token generation works with client credentials and scopes.
Here's a breakdown of the key points:
-
Client Credentials: You'll need a
client_idandclient_secretwhich we provide after you create an app (opens in a new tab). These act as your application's identification. -
Authentication Scopes: These define the specific actions your application is authorized to perform on the platform. Eight types of scopes are listed:
- Send OTP Scope
(otp:send): used to send OTP on the platform. - Verify OTP Scope
(otp:verify): used to verify if the OTP was sent on the platform. - Deposit request Scope
(deposit:request): used to request deposits on the platform. - Deposit status Scope
(deposit:status): used to check the status of deposits on the platform. - Payout request Scope
(payout:request): used to request for payout on the platform. - Payout status Scope
(payout:status): used to check the status of payout on the platform. - Lookup request Scope
(lookup:request): used to request for lookup on the platform. - Lookup status Scope
(lookup:status): used to check the status of the lookup on the platform.
- URL Encoding: The entire payload, including the scopes, needs to be URL encoded before sending it to the platform's token endpoint.
- Scope Separation: Different scopes within the payload are separated by a space.
📘
Let's say your application needs to request and verify deposits. You would include the following scopes in your
payload. deposit:status deposit:request
Grants Type
When generating a bearer token with a provided client_id and client_secret you will also need grant_type,
The grant type is :
- Client credentials
client_credentials: used to request user's details.