Swervpay employs OAuth 2.0 as its fundamental security protocol. Access to Swerv endpoints necessitates obtaining an access token, granting entry to restricted endpoints.

To get an access token, you must first authenticate with the Swerv API. This is done by sending a POST request to the /auth endpoint with your business ID and secret key encoded in base64 as Basic Authorization in the request header.

Authentication URL: POST https://api.swervpay.co/api/v1/auth

Sample Request

const response = await fetch(`https://api.swervpay.co/api/v1/auth`, {
    method: "POST",
    headers: {
        "Content-Type": "application/json",
        Authorization:  `Basic ${Buffer.from(`<BUSINESS_ID>:<SECRET_KEY>`).toString("base64")}`
    },
    body: JSON.stringify({}),
});

if (response.status !== 200 && response.status !== 201) {
    const body = await response.json();

    throw new Error(body as any);
}

const token = await response.json();

Sample Response

Response
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MDc1OTc0NDMsImlhdCI6MTcwNzU5Mzg0MywiaXNzIjoiU3dlcnZwYXkiLCJpZCI6ImJ1c19tdml1TlNNS2k3NHZUWTh5dmZQNm5RIiwidGtuIjp7InR5cCI6ImJlYXJlciIsImlkIjoiZGY2OTNjY2MtM2YwYy00NDAwLWE0YTQtMmM1YjE4YjBjZTNiIn19.53eKLonZZ8zvC_i2M_P4sQfZlmc7x-bSc8J95TCtIwY",
  "token": {
    "type": "bearer",
    "expires_at": 1707597443075,
    "issued_at": 1707593843075
  }
}
The access token gotten from the auth API expires after 1 hour.