Rail leverages OAuth2 with the client credentials grant type to authenticate your API requests. You will be provided a client ID and secret during registration to be used to generate your token. It is imperative that these are housed securely once provided to you.
Note: In the production and sandbox environments, the TTL of each token is 15 minutes. You will need token refresh capabilities in place to pre-fetch a new token before the current one expires. In the development environment, the token TTL is 12 hours.
To generate a token request, the client ID and secret must be base64 encoded as follows: `base64_encode({$clientID}:{$secret})`. The resulting base64-encoded value is then used as follows to request a token:
```bash
curl --location --request POST '{$LAYER2_AUTH_ENDPOINT}?grant_type=client_credentials&scope={$SCOPES}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Cache-Control: no-cache' \
--header 'Authorization: Basic {$BASE_64_ENCODED_CLIENTID_AND_SECRET}'
```

| Environment | Endpoint |
|---|---|
| Production | https://auth.layer2financial.com/oauth2/ausj0isa571aIN3mL696/v1/token |
| Sandbox | https://auth.layer2financial.com/oauth2/ausbdqlx69rH6OjWd696/v1/token |
Scopes are used to control access per API.
Required scopes are provided as part of each API description, with the full list of scopes listed below.
Scopes are requested at the time of token creation. Best practice is to request as few scopes as are needed for the function you are performing. When elevation is needed, additional tokens can be requested with the appropriate scopes in parallel, without expiring the existing token.
- accounts:read - View Account Data
- accounts:write - Create and Modify Account Related Data
- applications:read - View Application Data
- applications:write - Create and Modify Application Related Data
- customers:read - View Customer Data
- customers:write - Create and Modify Customer Related Data
- deposits:read - View Deposits Data
- deposits:write - Create and Modify Deposits Related Data
- exchanges:read - View Exchanges Data
- exchanges:write - Create and Modify Exchange Related Data
- payments:read - View Payments Related Data
- payments:write - Create and Modify Payments Related Data
- settlements:read - View Settlements Data
- subscriptions:read - View Subscription Related Data
- subscriptions:write - Create and Modify Subscription Related Data
- transfers:read - View Transfers Data
- transfers:write - Create and Modify Transfers Related Data
- withdrawals:read - View Withdrawals Data
- withdrawals:write - Create and Modify Withdrawals Related Data
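The following is an added example, not code from Rail: a token cache that builds the request shown above, renews each token before its TTL runs out, and keeps a separate token per scope set so a narrowly scoped token is never replaced by a broader one. The names `build_token_request`, `http_send` and `TokenCache` are hypothetical. The example assumes the response carries the standard OAuth2 `access_token` and `expires_in` fields and that multiple scopes are space-delimited.

```python
import base64
import json
import time
import urllib.parse
import urllib.request


def build_token_request(endpoint, client_id, secret, scopes):
    """Client-credentials request with the Basic header the page describes."""
    if not endpoint.startswith("https://"):
        raise ValueError("token endpoint must use https")
    basic = base64.b64encode(f"{client_id}:{secret}".encode()).decode()
    # Assumption: multiple scopes are space-delimited, as in RFC 6749.
    query = urllib.parse.urlencode(
        {"grant_type": "client_credentials", "scope": " ".join(sorted(scopes))})
    return urllib.request.Request(
        f"{endpoint}?{query}", data=b"", method="POST",
        headers={"Accept": "application/json",
                 "Content-Type": "application/x-www-form-urlencoded",
                 "Cache-Control": "no-cache",
                 "Authorization": f"Basic {basic}"})


def http_send(request):
    """Default transport: send the request and decode the JSON response."""
    with urllib.request.urlopen(request, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """One token per scope set, renewed `margin` seconds before it expires."""

    def __init__(self, endpoint, client_id, secret, send=http_send,
                 clock=time.monotonic, margin=60):
        self._cfg = (endpoint, client_id, secret)
        self._send, self._clock, self._margin = send, clock, margin
        self._tokens = {}  # frozenset(scopes) -> (access_token, expires_at)

    def get(self, *scopes):
        key = frozenset(scopes)
        token, expires_at = self._tokens.get(key, (None, 0.0))
        if token is None or self._clock() >= expires_at - self._margin:
            body = self._send(build_token_request(*self._cfg, key))
            # Assumption: the response carries the standard OAuth2
            # access_token and expires_in (seconds) fields.
            token = body["access_token"]
            expires_at = self._clock() + float(body["expires_in"])
            self._tokens[key] = (token, expires_at)
        return token
```

Load the client ID and secret from a secrets manager or environment at start-up rather than from source, and keep the `Authorization` header and returned tokens out of logs.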