Overview
Before integrating a SmartFastPay product or solution, you must set up your development environment to get OAuth 2.0 Client ID and Secret credentials for the sandbox and live environments.
You exchange these credentials for an access token that authorizes your REST API calls. To test your web and mobile apps, you create sandbox accounts
Logging into the Smart Platform to get credentials and create sandbox accounts requires a developer, support, or admin account. Each account provides different levels of access to API functionality.
Capabilities | Developer Account | Support Account | Admin Account |
---|---|---|---|
Access Smart Platform | x | x | x |
Customize Payment Page | x | x | |
Create New Users | x | ||
Create Credentials | x | ||
Manage Transactions (Just on Sandbox Env.) | x | x | |
Generate Reports | x | x |
Get credentials
To generate REST API credentials for the sandbox and live environments:
Log in to the Smart Platform with your account.
Under the MANAGEMENT menu, select Credentials.
Remember to write down the chosen client_secret, once saved, there is no way to recover it, you will need to create a new one.
Get an access token
Your access token authorizes you to use the SmartFastPay REST API server. To call a REST API in your integration, exchange your client ID and secret for an access token in an OAuth 2.0 token call. While there are a few ways to get a token, here are examples using both the Postman app and a cURL command.
Your own environment's HTTP library or function may have username
and password
fields or an auth
parameter in which you pass your client ID and secret. You can also add your Base64 encoded client ID and secret in an Authorization: Basic
header.
Make REST API calls
In REST API calls, include the URL to the API service for the environment:
Sandbox:
https://sandbox.smartfastpay.com
Live:
https://api.smartfastpay.com
Also, include your access token to prove your identity and access protected resources.
This sample call, which shows the Transaction creates, includes a bearer token in the Authorization request header. This type of token lets you complete an action on behalf of a resource owner.
The response shows the page or url, choosed by redirect type: