Partner Authorization Framework
All authorization is based on OAuth 2.0. The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service. OAuth relies on authentication scenarios called flows, which allow the resource owner to share the protected content from the resource server without sharing their credentials. For that purpose, an OAuth 2.0 server issues access tokens that the client applications can use to access protected resources on behalf of the resource owner. For more information please see the IETF definition rfc6749.
Once the Partner scope has been approved by Sniptech, the access tokens provided will be valid for 5 minutes and refresh tokens for 30 minutes.
Environment variables {{base_url}}:
Acceptance: https://api.acc.sniptech.com
Production: https://api.sniptech.com
Token and refresh endpoint: {{base_url}}/auth/token
Scopes:
Sniptech Audiences API: audiences
Sniptech Cancellations API: cancellation
Sniptech Deals API: deals
Sniptech PSD2 & PFM API: pfm
Sniptech Online Cashback API cashback
Token example:
curl --location --request POST '{{base_url}}/auth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=<CLIENT_ID>' \
--data-urlencode 'client_secret=<CLIENT_SECRET>' \
--data-urlencode 'scope=cancellation'
Refresh example:
curl --location --request POST '{{base_url}}/auth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token=<REFRESH TOKEN>'
The obtained access_token must be included in every call on our platform, e.g:
curl --location --request GET '{{base_url}}/cancellations/v1/organizations?locale=es-ES' \
--header 'Authorization: Bearer <ACCESS TOKEN>'
Sample Response:
{
"access_token": "eyJhbGciOiJIUzI1NiJ9.eyJSb2xlIjoiYWNjZXNzIiwiSXNzdWVyIjoiSXNzdWVyIiwiVXNlcm5hbWUiOiJKYXZhSW5Vc2UiLCJleHAiOjE2NDkzMTYxMDQsImlhdCI6MTY0OTMxNjEwNH0.6n_ZxEEUBEio623kvZoq6WT7qEwkOrny-l9SzUX_Bto",
"refresh_token": "eyJhbGciOiJIUzI1NiJ9.eyJSb2xlIjoiUmVmcmVzaCIsIklzc3VlciI6Iklzc3VlciIsIlVzZXJuYW1lIjoiSmF2YUluVXNlIiwiZXhwIjoxNjQ5MzE2MTA0LCJpYXQiOjE2NDkzMTYxMDR9.kV8Icb3dcvKebp85Zss4BzpDKmFgSvWan8_d3JX9owE",
"expires_in": 300,
"scope": "cancellation
"
}