OAuth 2.0
Enable secure and reliable access for advanced integrations
What is OAuth 2.0?
OAuth 2.0 is an industry-standard authorization framework that enables secure, delegated access to resources without sharing credentials. It allows applications to obtain limited access to a user’s account on an HTTP service, such as social media or cloud storage, on their behalf. Instead of sharing passwords, OAuth 2.0 issues tokens that grant specific permissions, enhancing security and user convenience.
OAuth 2.0 token retrieval process
Before you begin integrating, please contact our support team to get set up.
You’ll need to provide your redirect URI and scopes; you will receive a client_id, username and password to use with our API.
The API flow is captured in the following diagram:
User initiates authorization from YourApp
Navigate user to authentication service
- client_id: you should obtain it in advance (contact us).
- redirect_uri: URI where the user will be redirected after permissions have been granted. Should be shared with us in advance.
- response_type=code: for the Authorization Code grant. Must always be provided.
- state: an optional parameter to track the state between initiating and completing auth.
- prompt: this field is optional, but if the offline_access scope is required then this value must be set to consent.
- scope: permissions you want to request. If you need to request multiple permissions, join them with a + sign. Available scopes can be found here.
Ziina asks user to grant access
User grants permissions at https://auth.ziina.com
User is redirected to your redirect_uri
The following query params are added to your redirect_uri:
- iss=https://auth.ziina.com
- code=${authorizationCode}, which you need to exchange for access and refresh tokens
- state=${state}, if this field was passed initially
Exchange code for access_token
Send
- authorizationCode is the code which you got at the previous step.
- Use the username and password provided by support to add a Basic authorization header with the Base64-encoded ${username}:${password} string prepended with the word Basic.
Ziina responds with access_token
Example response
Make API calls with the Bearer authorization header
API reference can be found here
Optional: refresh your access_token
Once your access_token expires, you might want to get a new one. To do that, send the following request:
To create the Basic authorization header, encode the string ${username}:${password} in Base64 and prepend it with the word Basic.
In order to get refresh_token you need to add scope=offline_access when you get access_token
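The client-side checks around the steps above, as an added Python example (not Ziina's own code): it builds the authorization request with a random state, validates iss and state on the redirect before the code is exchanged, and forms the Basic header. The function names and the authorize_endpoint argument are assumptions; the endpoint path is not shown on this page.

```python
import base64
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

EXPECTED_ISSUER = "https://auth.ziina.com"  # iss value the page says is returned


def build_authorization_url(authorize_endpoint, client_id, redirect_uri, scopes):
    """Return (url, state). authorize_endpoint is supplied by the caller (assumption)."""
    state = secrets.token_urlsafe(32)  # unguessable; store it in the user's session
    params = {
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "state": state,
        "scope": " ".join(scopes),  # urlencode writes the separator as "+"
    }
    if "offline_access" in scopes:
        params["prompt"] = "consent"  # required when offline_access is requested
    return f"{authorize_endpoint}?{urlencode(params)}", state


def extract_code(callback_url, expected_state):
    """Check iss and state on the redirect, then return the authorization code."""
    query = parse_qs(urlsplit(callback_url).query)
    if query.get("iss") != [EXPECTED_ISSUER]:
        raise ValueError("unexpected issuer")
    returned_state = query.get("state", [""])[0]
    # Constant-time comparison against the value stored when the flow started.
    if not hmac.compare_digest(returned_state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("missing or duplicated code")
    return codes[0]


def basic_auth_header(username, password):
    """Authorization header value: 'Basic ' + Base64('username:password')."""
    token = base64.b64encode(f"{username}:{password}".encode()).decode("ascii")
    return f"Basic {token}"
```

Rejecting a redirect whose state does not match the stored value stops a code injected by a third party from being exchanged in the user's session.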
Available scopes
- write_payment_intents. Allows creating payment intents and accepting payments on users' behalf.
- write_refunds. Allows creating and fetching refunds.
- write_webhooks. Allows creating and deleting webhooks.
- write_transfers. Allows transferring money to Ziina users.
- offline_access. Add this scope if you want to get a refresh_token.
Tokens obtained at Ziina website on business connect page have all available scopes assigned.
Need help?
If you have questions, visit our help center or contact us at support@ziina.com.