Access Tokens
Requesting an Access Token
To request an access token you will need to make a request with the createOAuthAccessTokenFromClientCredentials mutation using a client id and client secret as the authorization for your reqeust. These values can be found in the Control Panel.
Once obtaining the client id and secret for your application, base64 encode the value and include it in the authorization header.
echo -n 'CLIENT_ID:CLIENT_SECRET' | base64
"Authorization": "Basic BASE64_ENCODED(CLIENT_ID:CLIENT_SECRET)"
Access Token Scopes
When requesting an access token you must pass in the scopes needed to perform the mutations and queries where the access token will be used as the authorization.
mutation
mutation createOAuthAccessTokenFromClientCredentials($input: CreateOAuthAccessTokenFromClientCredentialsInput!) {createOAuthAccessTokenFromClientCredentials(input: $input) {accessToken {accessTokentokenTypeexpiresAt}}}
variables
{"input": {"scopes": ["TRANSACTION_SALE", "TRANSACTION_MANAGE_SETTLEMENT"]}}
Using the Access Token
The access token will be available in the response of the createOAuthAccessTokenFromClientCredentials mutation.
response
{"data": {"createOAuthAccessTokenFromClientCredentials": {"accessToken": {"accessToken": "access_token$sandbox$abc123","tokenType": "BEARER","expiresAt": "date"}}},"extensions": {"requestId": "a-uuid-for-the-request"}}
Authorization with an Access Token
To authenticate with an access token, take the access token from the response and include it in the authorization header.
"Authorization": "Bearer ACCESS_TOKEN"
Call the subsequent mutations or queries as normal.
Errors
If the scopes used to generate the access token are not sufficient for the mutation or query being called, an authorization error will be returned.
response
{"extensions": {"errorClass": "AUTHENTICATION","errorType": "developer_error"},"message": "Authentication credentials are invalid."}
Mutations and the scopes needed
This is a list of the minimum required scopes for certain mutations.
The required scopes for a mutation may increase or descrease depending on the fields requested in the mutation.
| Mutation | Scope |
|---|---|
| authorizeCreditCard | TRANSACTION_SALE |
| authorizePaymentMethod | TRANSACTION_SALE |
| authorizeVenmoAccount | TRANSACTION_SALE |
| captureTransaction | TRANSACTION_MANAGE_SETTLEMENT |
| chargeCreditCard | TRANSACTION_CHARGE |
| createCustomer | CUSTOMER_CREATE |
| createVenmoPaymentContext | PAYMENT_CONTEXT_CREATE |
| Node.venmoPaymentContext | PAYMENT_CONTEXT_FIND |
| partialCaptureTransaction | TRANSACTION_MANAGE_SETTLEMENT |
| refundTransaction | TRANSACTION_REFUND |
| reverseTransaction | TRANSACTION_REVERSE |
| tokenizeCreditCard | SINGLE_USE_PAYMENT_METHOD_CREATE |
| tokenizeNetworkToken | SINGLE_USE_PAYMENT_METHOD_CREATE |
| vaultPaymentMethod | PAYMENT_METHOD_VAULT |
List of all available scopes
This is a list of the available scopes in the API. Please note that this list is subject to change.
ADDRESS_CREATEADDRESS_DELETEADDRESS_FINDADDRESS_UPDATEAPPLE_PAY_MANAGE_WEB_DOMAINSCLIENT_TOKEN_GENERATECREDIT_CARD_EXPIRING_BETWEENCREDIT_CARD_VERIFICATION_SEARCHCUSTOMER_CREATECUSTOMER_DELETECUSTOMER_FINDCUSTOMER_SEARCHCUSTOMER_UPDATEDISPUTE_ACCEPTDISPUTE_ACCEPT_FACILITATEDDISPUTE_ADD_EVIDENCEDISPUTE_ADD_EVIDENCE_FACILITATEDDISPUTE_FINALIZEDISPUTE_FINALIZE_FACILITATEDDISPUTE_FINDDISPUTE_FIND_FACILITATEDDISPUTE_REMOVE_EVIDENCEDISPUTE_REMOVE_EVIDENCE_FACILITATEDDISPUTE_SEARCHDISPUTE_SEARCH_FACILITATEDDOCUMENT_UPLOAD_CREATEGRANT_PAYMENT_METHODMERCHANT_ACCOUNT_ALLMERCHANT_ACCOUNT_FINDMULTI_USE_PAYMENT_METHOD_CREATEMULTI_USE_PAYMENT_METHOD_DELETEMULTI_USE_PAYMENT_METHOD_FINDMULTI_USE_PAYMENT_METHOD_UPDATEPAYMENT_CONTEXT_CREATEPAYMENT_CONTEXT_FINDPAYMENT_CONTEXT_SEARCHPAYMENT_METHOD_VAULTPAYMENT_METHOD_VERIFYREAD_FACILITATED_TRANSACTIONSSETTLEMENT_BATCH_SUMMARY_GENERATESHARED_VAULT_TRANSACTIONSSINGLE_USE_PAYMENT_METHOD_CREATESINGLE_USE_PAYMENT_METHOD_FINDSUBSCRIPTION_CANCELSUBSCRIPTION_CREATESUBSCRIPTION_FINDSUBSCRIPTION_SEARCHSUBSCRIPTION_UPDATETRANSACTION_CHARGETRANSACTION_FINDTRANSACTION_MANAGE_SETTLEMENTTRANSACTION_REFUNDTRANSACTION_REVERSETRANSACTION_SALETRANSACTION_SEARCHTRANSACTION_VOID