Access Token generation

To generate a Token, you will need a Project ID and Project Secret, which are available after activating the Project in maibmerchants.

For the Test Project, the Project ID and Project Secret will be available immediately after the settings are made (IP, Platform, Callback URL, Ok URL, Fail URL).

Flow authentication by Access Token:

Send a request to the token generation endpoint using the Project ID and Project Secret. If the transmitted data is valid, you will receive a Token (Token lifetime) and a Refresh Token (Refresh Token lifetime) in response.
If the token has expired, use Refresh Token to generate a new Access Token. If the Refresh Token has also expired, use the Project ID and Project Secret (see point 1).
Make requests to maib ecomm using the Access Token.

Token generation using Project ID and Project Secret

API endpoint (POST)

https://api.maibmerchants.md/v1/generate-token

Request parameters (body)

Parameter

Required

Type

Description

projectId

YES

string

Project ID from Project in maibmerchants

projectSecret

YES

string

Project Secret from Project in maibmerchants

Request example

curl --location --request POST "https://api.maibmerchants.md/v1/generate-token" \
    --header 'Content-Type: application/json' \
    --data-raw '{
    "projectId": "8508706",
    "projectSecret": "60462913-da44-47fa-8c82-146b676729b9"
    }'

Response parameters

Parameter

Type

Description

result

Object

An object containing the Token and the Refresh Token.

accessToken

string

Access Token

expiresIn

integer

Access Token lifetime in seconds

refreshToken

string

Refresh Token for generating a new Access Token.

refreshExpiresIn

integer

Refresh Token lifetime in seconds

tokenType

string

Token type (Bearer)

Boolean

Request processing status.

true - no errors

false - an error occurred (error details will be in errors)

errors

Array

Request processing errors. Errors table

errorCode

String

Error code

errorMessage

String

Error description

errorArgs

Object

Object contains parameters with error details

Response example

{
  "result": {
    "accessToken": "xxxxxx",
    "expiresIn": 300,
    "refreshToken": "xxxxxx",
    "refreshExpiresIn": 1800,
    "tokenType": "Bearer"
  },
  "ok": true
}

{
    "errors": [
        {
            "errorCode": "11001",
            "errorMessage": "Invalid credentials. Please check 'projectId' and 'projectSecret' parameters"
        }
    ],
    "ok": false
}

Token generation using Refresh Token

Request parameter (body)

Parameter

Required

Type

Description

refreshToken

Yes

string

Refresh Token

Request example

curl --location --request POST "https://api.maibmerchants.md/v1/generate-token" \
    --header 'Content-Type: application/json' \
    --data-raw '{
    "refreshToken": "xxxxxxxxxxxxx"
    }'

Response example

"result": {
    "accessToken": "xxxxxx",
    "expiresIn": 300,
    "refreshToken": "xxxxxx",
    "refreshExpiresIn": 1800,
    "tokenType": "Bearer"
  },
  "ok": true
}

Example of Authentication via Access Token

curl -X 'POST' \
  'https://api.maibmerchants.md/v1/pay' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer access_token' \
  -H 'Content-Type: application/json' \
  -d '{
  "clientIp": "135.250.245.121",
  "amount": 10.25,
  "currency": "USD",
  "description": "Description",
  "language": "en",
  "orderId": "123",
  "clientName": "Client Name",
  "email": "[email protected]",
  "phone": "069123456",
  "delivery": 1.25,
  "items": [
    {
      "id": "123",
      "name": "Item",
      "price": 2.5,
      "quantity": 2
    }
  ],
  "callbackUrl": "https://example.com/callback",
  "okUrl": "https://example.com/ok",
  "failUrl": "https://example.com/fail"
}'

PreviousPayments types NextDirect payment

Last updated 1 year ago

hashtagToken generation using Project ID and Project Secret

hashtagToken generation using Refresh Token

hashtagExample of Authentication via Access Token

Token generation using Project ID and Project Secret

Token generation using Refresh Token

Example of Authentication via Access Token