Authentication

Vumi Finlink API uses token-based authentication (with JWT). To perform any type of operation (read, write or delete) usgin the API, you must authenticate requests by including a Bearer token in the headers of your requests. To know how to configure credentials for your apps and obtain API credentials, go to the API Configuration page.

Session tokens for the Vumi Finlink API last for one hour and can't be refreshed. Everytime your token expires, you must perform another login operation. Moreover, sessions for our API are unique per set of credentials. What this means is that every combination of client ID + client secret can only have one active session at a time.

Apart from session tokens, you can also obtain Link auth tokens. These tokens can be used to start a new link connection instead of using Link parameters in the URL directly. This Link flow start method might be set as the only valid method through app configuration, as explained in the Security page.

Available endpoints related to authentication are the following: