Create api secret
To access the Walley API, a valid token is required, which can be obtained using a client ID and API secret. The initial secret is generated within the Merchant Hub. However, additional secrets can be generated using the API.
The first secret is required to be created in the Merchant Hub but to generate new secrets the api can be used.
Please note
The apiSecret obtained in the response must be stored securely as it's only retrievable once.
Only two active secrets is allowed at one time for an organization.
Exampleβ
- Request
- Response
POST /manage/organizations/{{orgId}}/apisecrets HTTP/1.1
Host: api.uat.walleydev.com // (Please note! Different hostname in production)
Content-Type: application/json
Authorization: Bearer bXlVc2VybmFtZTpmN2E1ODA4MGQzZTk0M2VmNWYyMTZlMDE...
{
"label": "Name of secret",
"expirationDate": null
}
{
"entityId": "83119b40-4a7d-454d-beda-26647f89e2fc",
"metadata": {
"clientId": "6a8efa5b-378b-44f5-bfc6-3b5d61f0d314",
"apiSecret": "CR6qTkUAkKxwCWx7UwJgN7XX59sLzCwGdQu9TKyAbmWGBRWAkBd9NRBeFz2D",
"expiresAt": "2020-01-01T00:00:00.0000000+00:00"
}
}
Requestβ
Request pathβ
| Path | Required | Explanation |
|---|---|---|
| orgId | Yes | The id of the organization, to obtain the orgId please contact help@walley.se. |
Request headersβ
| Header | Required | Explanation |
|---|---|---|
| Authorization | Yes | Instructions on how to generate the Bearer token value can be found here |
Request bodyβ
| Property | Required | Explanation | Type | Notes |
|---|---|---|---|---|
| label | No | Only a text that makes it easier to tell secrets apart. | string | |
| expirationDate | No | A date between creation and 99 years in the future. The default is 6 months from creation. | date |
Responseβ
The response will be 201 Created for a successful creation.
Possible responsesβ
| Http status code | Description |
|---|---|
| 201 | Secret created |
| 401 | Unauthorized, token verification needed. See: Authentication for more information |
| 403 | Permissions needed e.g. trying to handle content for a organization you don't have permission to |
| 422 | Error code: TooManyAppPasswords, Not allowed to add 3 passwords. You can only add a maximum of 2 passwords. |
Response body from 201 Createdβ
| Property | Explanation | Type | Notes |
|---|---|---|---|
| entityId | The id to identify the secret. | string | |
| metadata.clientId | The client id is used in the authentication to retrive a jwt token. | string | |
| metadata.apiSecret | The api secret is used in the authentication to retrive a jwt token. | string | |
| metadata.expiresAt | The date the secret expires and can not be use to retrive any more jwt tokens. | string |