API Reference
Start typing to search…

Get Client Token API

The Get Client Token API is used to create the token from the Hub with the scope (refer_child_merchant).

HTTP Method: POST

Environment

Test<https://uat-accounts.payu.in>
Production<https://accounts.payu.in>

Base URL: {{base_url}}/oauth/token

Request parameters

📘

Notes:

  • Caller client service should be registered on Hub (PayU’s oAuth2 Service )
  • refer_child_merchant scope should be whitelisted on caller client on Hub
  • Get Aggregator flag enabled on parent merchant
Parameter Description

client_id

The unique client identifier for the client.

client_secret

The client secret code is passed in this parameter.

grant_type

The client credentials is posted in this parameter.

scope

The scope is posted in this parameter. The scope can be any of the following:

  • refer_child_merchant: Use this scope when you want to refer and create a child merchant
  • fetch_child_merchants: Use this scope when you want to fetch the child merchants under a merchant

Note: Use this API with the scope as refer_child_merchant to create client token from Hub.

Sample request

curl --location -g --request POST '{{hub_base_url}}/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id={{client_id}}' \
--data-urlencode 'client_secret={{client_secret}}' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=refer_child_merchant'

Response parameters

Parameter Description Example

access_token

This parameter contains the access token.

453226e88f0e6d1
8b24fe4eedb817b
0ff096cb740f0354
e4b133188555d2b151

token_type

This parameter contains any of the following token type:

Bearer

expires_in

This parameter contains the time (in seconds) at which the token shall expire from the creation time. The creation time can be found in the created_at time.

2591999

scope

This parameter contains the scope as specified in the request.

refer_child_merchant

created_at

This parameter contains the time stamp when the token was created.

1642509515

Sample response

The following sample response for each scenario is in JSON format:

  • Create Child Merchant is Successful
{
    "access_token": "453226e88f0e6d18b24fe4eedb817b0ff096cb740f0354e4b133188555d2b151",
    "token_type": "Bearer",
    "expires_in": 2591999,
    "scope": "refer_child_merchant",
    "created_at": 1642509515
}
  • When the client_ID or secret code is unauthorised:
{
    "error": "invalid_client",
    "error_description": "Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method."
}
  • Incorrect scope or non-whitelisted scope
{
    "error": "invalid_scope",
    "error_description": "The requested scope is invalid, unknown, or malformed."
}