API Reference
Start typing to search…

Authentication

Facilero Authorization Service – Overview

The Authorization Service in the Facilero Transaction API is responsible for securing access to API endpoints by managing authentication and authorization. It follows the OAuth 2.0 protocol to validate client identities and issue access tokens, ensuring only trusted applications can interact with the API and access sensitive resources.

Purpose

The Authorization Service performs the following core functions:

  • Secure Access Control: Ensures only valid applications can access protected API resources.
  • Credential Validation: Authenticates merchantKey and merchantSecret to verify the application’s identity.
  • Token Issuance: Generates access tokens that are used to authenticate subsequent requests to the Facilero Transaction API.

Environment Endpoints

Use the appropriate URL depending on your environment:

EnvironmentBase URL
Productionhttps://live.facilero.com/api/v1/auth
Sandboxhttps://sandbox.facilero.com/api/v1/auth

All authentication requests (e.g., /token) should be sent to the base URL above, depending on whether you're in production or sandbox.

How It Works

1. Obtain Credentials

Upon registering your application with Facilero, you will receive:

  • merchantKey: Your unique application identifier
  • merchantSecret: A secret key tied to your application

2. Submit Authentication Request

Send a POST request to the /token endpoint of the Authorization Service, including your credentials in the request body.

3. Validate and Receive Token

If the credentials are valid, an access token is returned.

4. Use the Token

Include the token in the Authorization header for all future API requests:

Authorization: Bearer <access_token>

This token is required to authenticate all requests to the Facilero Transaction API.

Request and Response Examples

Token Request

POST /token

Request Body:

{
  "merchantKey": "your-merchant-key",
  "merchantSecret": "your-merchant-secret"
}

Token Response

Response Body:

{
  "merchantKey": "your-merchant-key",
  "token": "Bearer <access_token>"
}

Conclusion

The Facilero Authorization Service is essential for securing communication with the Transaction API.
By using the correct environment endpoint and securely managing your credentials and tokens, your integration remains safe, reliable, and compliant.