Overview
All API requests must be authenticated using a bearer token (JWT).- Protocol: HTTPS
- Authentication: Bearer token
- Header:
Authorization
Base URL
Use the appropriate<BASE_URL> for your environment:
- Test environment:
https://apigwuat.corpay.com - Production environment:
https://apigw.corpay.com
Getting Access Token
To access the API, you must first obtain an access token. This requires aclient_id and client_secret, which Corpay provides after onboarding is complete.
Endpoint: POST <BASE_URL>/keycloak/realms/longship/protocol/openid-connect/token
Request
Response
Using the Access Token
Include the token in every request header:- In test environment, tokens may have a longer lifetime, for example
36000seconds. - In production, tokens typically expire after
3600seconds, or one hour.