API Login

The API login operation takes your credentials and desired scopes (if you leave them blank, all scopes will be associated to the session) and returns a session JWT token that lasts for one hour.

Get a session token in the API for the given credentials. It lasts one hour

POSThttps://api.finlink.vumi.io/api/v1/auth/login

Body

clientId*string (uuid)

Client ID

clientSecret*string

Client Secret

Example: "your-client-secret"

scopesnullable array of nullable string

Scopes that the session should have

Response

Successfully logged into the API

Body

tokenstring

The JWT Token to use in API requests

Request

Response

Session scopes

In Vumi Finlink API you can limit session scopes. If you leave them blank or null when starting a session, all scopes will be associated to the given session. We recommend following the "principle of least privilege", meaning that if you are certain a session will only be used for a specific purpose, don't assign it unnecessary scopes just in case your token gets compromised.

Some endpoints in our API can be called with a session without any specific scope needed. These endpoints are simple to identify, since they're not under neither /queries or /commands. Get Webhook verification key is an example for one of these endpoints.

There are currently three available scopes in Vumi Finlink API sessions:

Scope

Description

Last updated 5 months ago