Authentication and Headers
The PayTrace JSON API requires authentication and authorization in order to make request. OAuth 2.0 provides a "password" grant type which can be used to exchange a username and password for an access token directly. The client identifier and client secret are not currently used for accessing this API, but may be used in future versions of the JSON API. You will see that with a good OAuth 2.0 library to help you, integrating and authenticating with our API is easy and secure.
Every request that is part of the API requires authentication via the access token described in the previous paragraph (except for /v1/ping).
POST: /oauth/token
REQUEST:
POST /oauth/token HTTP/1.1
Host: api.paytrace.com
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
grant_type=password&username=demo123&password=demo123
Field types: R – Required, O – Optional, C - Conditional
RESPONSE:
{
"access_token":"4656d6f6132333:4656d6f6132333:2b607b9a44720c9c3ca867653c7e6ef8b3f3802709c17f2a54402820d155f214",
"token_type": "bearer",
"expires_in": 7200
}
HOW TO USE TOKEN AND TOKEN TYPE:
You can now submit the token_type and access_token as values in the Authorization Header of your JSON API request.
Below is an example of a Keyed Sale JSON API request.
POST /v1/transactions/sale/keyed HTTP/1.1
Host: api.paytrace.com
Authorization: Bearer 4656d6f6132333:4656d6f6132333:2b607b9a44720c9c3ca867653c7e6ef8b3f3802709c17f2a54402820d155f214
Content-Type: application/json
Cache-Control: no-cache
{
"amount": "1.00",
"credit_card": {
"number": "4111111111111111",
"expiration_month": "12",
"expiration_year": "2020"
},
"csc": "999",
"billing_address": {
"name": "Steve Smith",
"street_address": "8320 E. West St.",
"city": "Spokane",
"state": "WA",
"zip": "85284"
}
}
page revision: 19, last edited: 19 Jul 2016 19:14