Overview

This guide describes how you can obtain an access token with the Oauth API. You need the access token to call the Payments Hub API. It also defines the requirements for the JSON Web Token (JWT) Bearer tokens that you need in your authentication and API requests.

The API uses access tokens to make sure that only applications authorized and approved by Payments Hub can access the API operations. Although every API call requires an access token, the type of the token depends on the API: When the API handles protected resources on behalf of the resource owner, a "JWT profile" access token is used. This means that, in addition to a valid Client ID and Client Secret, the app also needs a JWT Bearer token to retrieve the access token. The JWT Bearer token is used to identify the resource owner.

To obtain the access token to call the API endpoints, which are protected with OAuth 2.0 JWT Bearer grant, you must first create a JWT Bearer token and then use it to request the JWT profile access token.