API Documentation

Authentication

Our authentication and authorization process relies heavily on the endpoint since it enables us to confirm the legitimacy of the merchant requesting access to our services.

1. Payloads and Headers: Your API key and merchant ID are two necessary payloads that must be provided in order to access this endpoint and prove your identity. By using these credentials as authentication, our server is able to confirm your identity. These delicate credentials are sent in the request headers rather than the request body in order to maintain security. Credential header inclusion is a common method for secure communication.
2. Request and Response: Our server responds to your request for this endpoint with the necessary headers, which must include the secret key and merchant ID. The process of authentication is handled by our server. If your credentials are legitimate, the server will reply with a success code of "0", signifying that your authentication was successful. On the other hand, the server responds with the proper error code if the provided credentials are wrong or invalid.
3. Access Token: The server creates an access token, which functions as a bearer token, following successful authentication. This access token, which reflects your authenticated identity, is a distinct, transitory, and encrypted string. You can make additional queries to other endpoints on our platform using this token. The token is a form of authorization included in the request headers that enables the server to confirm that subsequent requests are made by an authenticated and authorized merchant.
4. Further Calls: Now that you have the access token, you can make calls to other endpoints on our platform by including the token in the request headers. To confirm that the merchant is permitted to carry out the desired operation, each request is compared to the access token. This procedure maintains data security and integrity while offering convenient and secure access to numerous services and resources.

Overall, this authentication and authorization process makes sure that only reputable merchants with legitimate credentials may access and use the resources on our platform.

It provides a solid basis for a secure and dependable merchant experience on our platform by assisting in preventing unwanted access and any security breaches.

curl --location --request POST 'https://api.ozibus.com.au/v1/generate_token' \
--header 'Merchant-Id: <YOUR_MERCHANT_ID>' \
--header 'API-Key: <YOUR_API_KEY>' \

<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://api.ozibus.com.au/v1/generate_token',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'POST',
  CURLOPT_HTTPHEADER => array(
    'Merchant-Id: <YOUR_MERCHANT_ID>',
    'API-Key: <YOUR_API_KEY>'
  ),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;

<?php
$client = new Client();
$headers = [
  'Merchant-Id' => '<YOUR_MERCHANT_ID> ',
  'API-Key' => '<YOUR_API_KEY>'
];
$request = new Request('GET', 'https://api.ozibus.com.au/v1/generate_token', $headers);
$res = $client->sendAsync($request)->wait();
echo $res->getBody();

const axios = require('axios');

let config = {
  method: 'post',
  maxBodyLength: Infinity,
  url: 'https://api.ozibus.com.au/v1/generate_token',
  headers: { 
    'Merchant-Id': '<YOUR_MERCHANT_ID>', 
    'API-Key': '<YOUR_API_KEY>'
  }
};

axios.request(config)
.then((response) => {
  console.log(JSON.stringify(response.data));
})
.catch((error) => {
  console.log(error);
});

import requests

url = "https://api.ozibus.com.au/v1/generate_token"

payload = {}
headers = {
  'Merchant-Id': '<YOUR_MERCHANT_ID>',
  'API-Key': '<YOUR_API_KEY>'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)