When integrating APIs, testing credentials are vital. They ensure all processes work before going live. These credentials are for platforms. They meet specific requirements and test modules.
✅ Testing Credentials: Each platform gets its own set of credentials. They are tailored to its needs and the chosen API modules for testing. This lets teams use the APIs in a safe, controlled environment. It simulates real-world scenarios, without risking live systems.
✅ Staging Environment for Testing: Testing credentials are designed for use exclusively in the staging environment—a safe, isolated platform that mirrors the live system. This environment lets developers test the APIs. It ensures smooth operation when the app goes to production.
✅ Seamless Transition to Live: The testing credentials enable you to experience how the APIs will function in a live scenario. After testing and integration, and once all formalities are done, we will issue production credentials separately. This clear distinction between testing and live credentials helps. It streamlines the transition from development to deployment. It ensures there are no unexpected issues in the live environment.
✅ Collaborative Approach: During testing, businesses can work with our team to address any questions or challenges. This process ensures all requirements are met. It also aligns the API integration with your platform's goals.
We provide testing credentials and a secure testing environment. This ensures your API integration is smooth, reliable, and ready for production.
How do I test the APIs?
While you are boarded on the test environment ('Staging') by our team, you will receive the credentials for the modules you've chosen to go with.
You'll get the below important credentials for each module that you choose -
- Name - client_ID
Description - This is a unique id assigned to each client
- Name - client_secret
Description - This is a client-specific password/secret_key to access the account
- Name - module_secret
Description - This is a module secret that is used to access certain APIs from a module.
- Name - provider_secret (In some modules)
Description - This is a provider secret that is used to access certain APIs from a module.
Please note that the credentials are unique to a platform and should not be shared within the organization without consent or with any external partners.
JWT
JWT stands for JSON Web Token. It is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.
- Customers can generate JWT using our Auth API with various grant types in the request body.
- Customers can pass the grant_type as
- client_credentials
- refresh_token
- user_credentials
- The JWT token is valid for 15 minutes by default
✅ Generate JWT with Client Credentials
Customers can generate JWT with Client Credentials ☟
Request Parameter - grant_type
Description - To generate JWT with client credentials, customers need to pass grant_type as client_credentials
Request Parameter - client_id
Description - The client id generated for the customer at Instantpay
Request Parameter - client_secret
Description - The client secret generated for the customer at Instantpay
✅ Generate JWT with Refresh Token
Customers can generate JWT with Refresh Token ☟
Request Parameter - grant_type
Description - To generate JWT with refresh token, customers need to pass grant_type as refresh_token
Request Parameter - refresh_token
Description - The refresh token that was generated while creating JWT
✅ Generate JWT with User Credentials
Customers can generate JWT with User Credentials ☟
Request Parameter - grant_type
Description - To generate JWT with user credentials, customers need to pass grant_type as user_credentials
Request Parameter - email
Description - The email ID registered against the customer at Instantpay
Request Parameter - password
Description - The password for the dashboard is associated with the registered email ID at Instantpay
✅ How to use JWT in Instantpay APIs?
Once customers generate JWT, they can use this instead of client_id and client_secret in API Authorization.
- Customers can pass JWT in headers instead of client_id and client_secret to access the API
- All our APIs will work with both the methods, Client Credentials, and JWT