Authentication

SasaPay APIs are protected and therefore, you need the API credentials to be able to access our APIs resources.

To obtain the credentials, visit Get Started as a Developer section.

With CLIENT ID and CLIENT SECRET obtained from the sandbox application, You can generate an access token by making a GET request to the following endpoint:

Endpoint: https://sandbox.sasapay.app/api/v1/auth/token/?grant_type=client_credentials

The following Query parameters are expected:

Request Parameters

Field	Type	Description	Example
Authorization	Header	Basic Auth over HTTPS, this is a base64 encoded string of an app's client ID and client secret	Authorization
grant_type	query	client_credentials grant type is supported. Put this under Params	Basic Q1k2RW5SOGl

Example

Python

import requests
import json
from requests.auth import HTTPBasicAuth
def token():

    url = 'https://sandbox.sasapay.app/api/v1/auth/token/?grant_type=client_credentials'
    params = {'grant_type': 'client_credentials'}
    res = requests.get(url,
                        auth=HTTPBasicAuth(CLIENT_ID, CLIENT_SECRET), params=params)
    response = json.loads(res.text)
    access_token = response['access_token']
    print(access_token)

Node JS

function token() {
  const clientId = 'CLIENT_ID';
  const clientSecret = 'CLIENT_SECRET';
  const tokenUrl = 'https://sandbox.sasapay.app/api/v1/auth/token/?grant_type=client_credentials';

  const credentials = btoa(`${clientId}:${clientSecret}`);

  const requestOptions = {
    method: 'GET',
    headers: {
      Authorization: `Basic ${credentials}`,
    }
  };

  fetch(tokenUrl, requestOptions)
    .then((response) => response.json())
    .then((data) => {
      const accessToken = data.access_token;
      console.log('Access Token:', accessToken);
    })
    .catch((error) => console.error('Error:', error));
}

PHP

<?php
 $url = 'https://sandbox.sasapay.app/api/v1/auth/token/?grant_type=client_credentials';
   $requestBody = array(
        'client_id' => 'CLIENT_ID',
       'client_secret' => 'CLIENT_SECRET',
    );
$headers = array(
'Authorization: Basic '. base64_encode($requestBody['client_id'].':'.$requestBody['client_secret']),
);
$curl = curl_init();
curl_setopt_array($curl, array(
  CURLOPT_URL => $url,
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'GET',
  CURLOPT_HTTPHEADER => $headers
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;

Java

import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

import java.util.ArrayList;
import java.util.List;

public class OAuth2ClientCredentialsExample {
    public static void main(String[] args) {
        String clientId = "CLIENT_ID";
        String clientSecret = "CLIENT_SECRET";
        String tokenUrl = "https://sandbox.sasapay.app/api/v1/auth/token/?grant_type=client_credentials";

        CloseableHttpClient httpClient = HttpClients.createDefault();
        HttpGet httpGet = new HttpPost(tokenUrl);

        List<NameValuePair> params = new ArrayList<>();
        params.add(new BasicNameValuePair("grant_type", "client_credentials"));

        httpGet.setHeader("Authorization", "Basic " + Base64.getEncoder().encodeToString((clientId + ":" + clientSecret).getBytes()));

        try {
            httpGet.setEntity(new UrlEncodedFormEntity(params));
            HttpResponse response = httpClient.execute(httpGet);

            if (response.getStatusLine().getStatusCode() == 200) {
                String responseBody = EntityUtils.toString(response.getEntity());
                System.out.println("Response: " + responseBody);
            } else {
                System.out.println("Error: " + response.getStatusLine().getReasonPhrase());
            }
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            try {
                httpClient.close();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }
}

Response Parameters

Field	Type	Description	Example
statusCode	Numeric	This is a numeric status code that indicates the status of the response. 0 means success and any other code means an error occurred or the request failed.Please refer to the response codes table above.	0
expires_in	Numeric	Token expiry time in seconds	3600
access_token	JSON Response Item	Access token to access other APIs	"qYrRg0v5UiznR”
token_type	String	The specific type of token	“Bearer”

Response Sample

{
  "status": true,
  "detail": "SUCCESS",
  "access_token": "yKrv1N*******ctjQ8oo",
  "expires_in": 3600,
  "token_type": "Bearer",
  "scope": "merchants C2B/B2B/B2C"
}