4. Authorization & Scope

3.1 API Credential

In order to begin using RemitPro APIs , you need to get access to Client Secret, Client ID, HMAC Key, and HMAC Secret. This crendential is unique for a product and environment.

3.2 Prerequisite

To access the API (production version) provided by RemitPro, partners must fulfill the following requirements:

Partner has established contact and cooperation agreement with the Remitpro business team

Partner provides a server with a static public IP, and has been registered on our system as a whitelist

The server is connected via VPN which we will provide guidance

Partner can only have 1 static public IP per API service we provide

3.3 OAuth2.0

RemitPro APIs use OAuth 2.0 as the authorization framework. To get the access token, you need to be authorized by Client ID and Client Secret.

3.3.1 Access Token

Access_token is an opaque string token that identifies the user of the API. This token is required each time an application calls API. There are several ways to obtain an access_token, which will be described below.

Obtaining Access Token

Access token can be obtained in many ways, depending on the grant_type of the application. To access all the services, you will need the access token with grant_type = client_credentials

Client Credentials Grant

Client_credentials grant will provide application access to API without requiring any user credentials. Any call requested using access_token obtained using this method are made on behalf of the applications instead of the user.
This grant type is designed to be used by server-to-server calls. In order to obtain the access_token, a request must be made with the following specifications.

3.1 API Credential#

3.2 Prerequisite#

3.3 OAuth2.0#

3.3.1 Access Token#

3.1 API Credential

3.2 Prerequisite

3.3 OAuth2.0

3.3.1 Access Token