🇬🇧
Yativo Documentation
Spanish
English
English
  • Yativo
  • Introduction to Yativo
    • Financial Infrastructure
    • About Us
  • Dashboard
  • Business Plans
  • Getting Started with Yativo API
  • Yativo API Glossary
  • API reference
    • Misc.
      • Countries
      • States
      • City
  • Security and Authentication
    • Security
    • Authentication
    • Idempotency in API Requests
  • Environment
    • Environments
  • Notifications
    • Webhook
  • Compliance
    • Verification
      • KYC
      • KYB
      • KYC/KYB Update
      • KYC Status
      • Global Business Search
    • Supported Jurisdiction
    • Supported Countries, Currencies and Payment Method
  • User Management
    • Customer
      • Get Customers
      • Retrieve customer
      • Add Customer
  • Payments
    • Currencies
    • Crypto Wallets
      • Generate Wallet Address
      • Fetch Wallet Address
      • Crypto Deposit History
      • Single crypto deposit history
    • Payout
      • Payout
      • Get Payouts
      • Get Payout
      • Beneficiaries
        • Get Beneficiaries
        • Add Beneficiary Payment Details
        • Update Beneficiary
        • Archive Beneficiary
        • Add Beneficiary
    • Payin
    • Virtual Cards
      • Supported Currency, Country
      • Create card
      • Fetch card
      • Top up card
      • Get Transactions
      • Freeze and Unfreeze Card
    • Virtual Accounts
      • Create VIrtual Accounts
        • USD Virtual Account
        • Mexico Virtual Account
        • Brazil PIX QR
      • Virtual Account Management
      • Transaction History
  • Foreign Exchange
    • Exchange Rate
      • Request Quote
  • Transactions
    • Transaction Summary
    • Get Single Transaction
  • Crypto System
    • Yativo Crypto Platform API
Powered by GitBook
On this page
  1. Security and Authentication

Authentication

Yativo Authentication System

The Yativo API provides an auth/login endpoint that allows you to generate a bearer token by passing your account credentials. This token is essential for accessing protected resources within the Yativo system.

Example Request

To request a bearer token, send a POST request to the auth/login endpoint with your account_id and app_secret Which can be found in settings of your Yativo Business Dashboard.

Endpoint URL:

POST {{baseUrl}}/auth/login

Request Headers:

Content-Type: application/json

Request Body:

{
  "account_id": "account_id",
  "app_secret": "app_secret"
}

Example Request Using cURL:

curl -X POST {{baseUrl}}/auth/login \
-H "Content-Type: application/json" \
-d '{
    "account_id": "account_id",
    "app_secret": "app_secret"
}'

Example Response

Upon successful authentication, the response will include the access_token, token_type, and expires_in fields.

{
    "status": "success",
    "status_code": 200,
    "message": "Request successful",
    "data": {
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vMTI3LjAuMC4xOjkwMDAvYXBpL3YxL2F1dGgvbG9naW4iLCJpYXQiOjE3MTY4OTg0NTQsImV4cCI6MTcxNjg5OTA1NCwibmJmIjoxNLCJqdGkiOiJsZWZEejJGZW1WQjR5YnNBIiwic3ViIjoiNyIsInBydiI6IjIzYmQ1Yzg5NDlmNjAwYWRiMzllNzAxYzQwMDg3MmRiN2E1OTc2ZjcifQ.U7tM5B45f64eCsEk5t0nJFepsKo2tvjyAJEqu8Gh2tk",
        "token_type": "bearer",
        "expires_in": 600 //time in seconds 600 seconds = 10 mins
    }
}

Using the Bearer Token

Once you have the access_token, include it in the Authorization header for all subsequent API requests to protected endpoints.

Example Header:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vMTI3LjAuMC4xOjkwMDAvYXBpL3YxL2F1dGgvbG9naW4iLCJpYXQiOjE3MTY4OTg0NTQsImV4cCI6MTcxNjg5OTA1NCwibmJmIjoxNLCJqdGkiOiJsZWZEejJGZW1WQjR5YnNBIiwic3ViIjoiNyIsInBydiI6IjIzYmQ1Yzg5NDlmNjAwYWRiMzllNzAxYzQwMDg3MmRiN2E1OTc2ZjcifQ.U7tM5B45f64eCsEk5t0nJFepsKo2tvjyAJEqu8Gh2tk

By following these steps, you can authenticate with the Yativo API and securely access its protected resources using the provided bearer token.

PreviousSecurityNextIdempotency in API Requests

Last updated 2 months ago

Page cover image

Login

post

Auth Login

This endpoint is used to authenticate a user and obtain an access token for further API requests.

Request Body

  • email (text) - The email of the user for authentication.
  • password (text) - The password of the user for authentication.

Response

  • status - The status of the authentication request.
  • status_code - The status code of the response.
  • message - A message indicating the result of the authentication request.
  • data - An object containing the access token details:
    • access_token - The token used for authentication in subsequent requests.
    • token_type - The type of token.
    • expires_in - The duration in seconds for which the token is valid.

Example Response

{
    "status": "success",
    "status_code": 200,
    "message": "Request successful",
    "data": {
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
        "token_type": "bearer",
        "expires_in": 3600
    }
}

Body
all ofOptional
and
anyOptionalExample: {"account_id":"dG93b2p1YWRzQGdtYWlsLmNvbQ==","app_secret":"f7d69513-40d8-49d1-8180-50ceb0a20d6a"}
Responses
200
OK
application/json
Responseall of
and
anyOptionalExample: {"status":"success","status_code":200,"message":"Request successful","data":{"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3plZS50ZXN0L2FwaS92MS9hdXRoL2xvZ2luIiwiaWF0IjoxNzA0OTAxODU3LCJleHAiOjE3MDQ5MDU0NTcsIm5iZiI6MTcwNDkwMTg1NywianRpIjoiRGFyR1RpUkFVZElFdThEZiIsInN1YiI6IjEiLCJwcnYiOiIyM2JkNWM4OTQ5ZjYwMGFkYjM5ZTcwMWM0MDA4NzJkYjdhNTk3NmY3In0.KtjKgURXSVuWfgtQFvpqo19hb0yCuI4Nijzb_hRw1D4","token_type":"bearer","expires_in":3600}}
post
POST /api/v1/auth/login HTTP/1.1
Host: smtp.yativo.com
Content-Type: application/json
Accept: */*
Content-Length: 97

{
  "account_id": "dG93b2p1YWRzQGdtYWlsLmNvbQ==",
  "app_secret": "f7d69513-40d8-49d1-8180-50ceb0a20d6a"
}
200

OK

{
  "status": "success",
  "status_code": 200,
  "message": "Request successful",
  "data": {
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3plZS50ZXN0L2FwaS92MS9hdXRoL2xvZ2luIiwiaWF0IjoxNzA0OTAxODU3LCJleHAiOjE3MDQ5MDU0NTcsIm5iZiI6MTcwNDkwMTg1NywianRpIjoiRGFyR1RpUkFVZElFdThEZiIsInN1YiI6IjEiLCJwcnYiOiIyM2JkNWM4OTQ5ZjYwMGFkYjM5ZTcwMWM0MDA4NzJkYjdhNTk3NmY3In0.KtjKgURXSVuWfgtQFvpqo19hb0yCuI4Nijzb_hRw1D4",
    "token_type": "bearer",
    "expires_in": 3600
  }
}