Skip to main content

authentication

Step 1: Obtain Access Token

Before making any API calls, you need to authenticate and obtain an access token.

Endpoint

POST /connect/token

Headers:

content-type: application/x-www-form-urlencoded
grant_type: client_credentials
client_id: YOUR_CLIENT_ID
client_secret: YOUR_CLIENT_SECRET

Where to get Client ID and Client Secret:

These credentials are generated when you create a business account on the WePay platform.
Contact WePay support to obtain these credentials.

Example Request (cURL)

curl -X POST " https://test-api.welink-sa.com/connect/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials" \
  -d "client_id=YOUR_CLIENT_ID" \
  -d "client_secret=YOUR_CLIENT_SECRET"

Example Response

{
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjBNVUdGT1IxSjlWSURKVlFISV9UMjFfSlBDVTA5WlotS0dFQVRHWDciLCJ0eXAiOiJhdCtqd3QifQ...",
"token_type": "Bearer",
"expires_in": 1440
}

Response Fields:

access_token: The bearer token to use for authenticated API requests.
token_type: Always "Bearer" for this authentication method.
expires_in: Token expiration time in minutes (1440 = 24 hours).

Important Notes:

Store the access token securely.
Tokens expire after the time specified in expires_in (typically 24 hours).
You'll need to request a new token when it expires.
Never expose your client_secret in client-side code.

Step 1: Obtain Access Token