Authentication
OAuth2 Flow
Rail leverages OAuth2 with the client credentials grant type to authenticate your API requests. You will be provided a client ID and secret during registration to be used to generate your token. It is imperative that these are housed securely once provided to you.
Note: In the production and sandbox environments, the TTL of each token is 15 minutes. You will need to ensure you have appropriate token refresh capabilities in place to pre-fetch tokens as they expire. In the development environment, the token TTL is 12 hours.
To generate an appropriate token request, the client ID and secret must be base64 encoded as follows: base64_encode({$clientID}:{$secret}). The resultant base64 encoded value is then used as follows to request a token.
curl --location --request POST '{$LAYER2_AUTH_ENDPOINT}?grant_type=client_credentials&scope={$SCOPES}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Cache-Control: no-cache' \
--header 'Authorization: Basic {$BASE_64_ENCODED_CLIENTID_AND_SECRET}'
Authentication Endpoints
Environment | Endpoint |
---|---|
Production | https://auth.layer2financial.com/oauth2/ausj0isa571aIN3mL696/v1/token |
Sandbox | https://auth.layer2financial.com/oauth2/ausbdqlx69rH6OjWd696/v1/token |
Scopes
Scopes are used to control access per API. Required scopes are provided as part of each API description, with the full list of scopes listed below. Scopes are requested at the time of token creation. Best practice is to request as few scopes as are needed for the function you are performing. When elevation is needed, additional tokens can be requested with the appropriate scopes in parallel, without expiring the existing token.
We support the following scopes:
- customers:read - View Customer Data
- customers:write - Create and Modify Customer Related Data
- accounts:read - View Account Data
- accounts:write - Create and Modify Account Related Data
- settlements:read - View Settlements Data
- applications:read - View Application Data
- applications:write - Create and Modify Application Related Data
- deposits:read - View Deposits Data
- deposits:write - Create and Modify Deposits Related Data
- withdrawals:read - View Withdrawals Data
- withdrawals:write - Create and Modify Withdrawals Related Data
- transfers:read - View Transfers Data
- transfers:write - Create and Modify Transfers Related Data
- exchanges:read - View Exchanges Data
- exchanges:write - Create and Modify Exchange Related Data
- adjustments:read - View Adjustment Data
- adjustments:write - Create and Modify Adjustment Related Data
- subscriptions:read - View Subscription Related Data
- subscriptions:write - Create and Modify Subscription Related Data
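The token TTL note and the scope guidance above combine into one client-side pattern: keep a separate token per scope set and renew each one shortly before it expires. The sketch below is an added example, not Rail's own code. `TokenCache`, `basic_credential`, `demo_post`, `REFRESH_MARGIN` and the injected `post` transport are hypothetical names, and it assumes the token response carries the standard RFC 6749 `access_token` and `expires_in` fields and that multiple scopes are space-delimited.

```python
import base64
import time
import urllib.parse

REFRESH_MARGIN = 60  # assumption: renew this many seconds before expiry


def basic_credential(client_id, secret):
    """base64_encode(clientID:secret), as the page specifies."""
    return base64.b64encode(f"{client_id}:{secret}".encode()).decode()


class TokenCache:
    """One cached token per scope set, renewed ahead of its TTL."""

    def __init__(self, endpoint, client_id, secret, post, clock=time.monotonic):
        self.endpoint = endpoint
        self.auth = "Basic " + basic_credential(client_id, secret)
        self.post = post      # hypothetical transport: post(url, headers) -> dict
        self.clock = clock
        self.tokens = {}      # frozenset(scopes) -> (access_token, expires_at)

    def get(self, *scopes):
        key = frozenset(scopes)
        cached = self.tokens.get(key)
        if cached and self.clock() < cached[1] - REFRESH_MARGIN:
            return cached[0]  # still comfortably inside its TTL
        query = urllib.parse.urlencode(
            {"grant_type": "client_credentials", "scope": " ".join(sorted(key))})
        body = self.post(f"{self.endpoint}?{query}", {
            "Accept": "application/json",
            "Content-Type": "application/x-www-form-urlencoded",
            "Cache-Control": "no-cache",
            "Authorization": self.auth,
        })
        # Assumed RFC 6749 response fields; default to the 15-minute TTL.
        expires_at = self.clock() + int(body.get("expires_in", 900))
        self.tokens[key] = (body["access_token"], expires_at)
        return body["access_token"]


def demo_post(url, headers):
    """Constructed stand-in for the HTTPS POST; returns a fake token."""
    return {"access_token": "tok-" + url.rsplit("scope=", 1)[1], "expires_in": 900}


if __name__ == "__main__":
    cache = TokenCache("https://auth.example.invalid/token", "id", "secret", demo_post)
    print(cache.get("accounts:read"))
```

In real use, `post` would wrap your HTTPS client, and the client ID and secret would be loaded from a secrets store, not embedded in source.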