Request authentication
All payments requests (pay-ins, payouts, mandates, and refunds) need to be authenticated before you initiate the request. To authenticate payments, you need:
- public and private signing keys, which are uploaded to Console and included with your requests respectively.
- an access token, which can be used to make multiple payments and is valid for an hour.
Generate a access_token that you must include as a bearer header to authenticate each of your requests. You need to include the correct scopes to ensure your access token can be used for different types of payment.