API access
Set up access tokens
Revio uses the OAuth 2.0 Client Credentials Flow for access tokens.
This flow entails making a POST request to the endpoint https://dev-customer-api.auth.eu-west-1.amazoncognito.com/oauth2/token. The following parameters are required and should be form-encoded aligned to OAuth 2.0 standards.
Authorisation
Authorisation: Basic authorisation details (Username and Password) will be provided as part of merchant onboarding.
| Parameter | Description |
|---|---|
| grant_type | client_credentials |
After a successful call to the above endpoint, you should receive an access_token in the response.
Test environment credentials
Request your test credentials here.
Token management
Access tokens expire every 24 hours
Guidelines
- It is RECOMMENDED that Access Tokens are stored in encrypted format at rest if stored on the server side.
- If a token breach is detected, Revio SHOULD be immediately contacted so that affected tokens can be revoked.
- The number of employees with access to tokens SHOULD be kept to a need-to-know basis.
API endpoints
- Swagger schema can be found here
- Sandbox endpoint: https://dev.api.revio.co.za/
Production credentials
When you are ready to launch, please contact your Revio account manager to provide your live credentials
Updated about 2 months ago