Authentication

Example Request

1
GET /v1/configuration HTTP/1.1
2
Host: global-api-sandbox.afterpay.com
3
Authorization: Basic MzI6YWJjZGVmZ2g=

1
curl "https://global-api-sandbox.afterpay.com/v1/configuration" \
2
  -H 'Authorization: Basic MzI6YWJjZGVmZ2g='

1
var request = require("request");
2
3
var options = {
4
  url: 'https://global-api-sandbox.afterpay.com/v1/configuration',
5
  headers: {
6
    Authorization: 'Basic MzI6YWJjZGVmZ2g='
7
  }
8
};
9
10
request(options, function (error, response, body) {
11
  if (error) throw new Error(error);
12
13
  console.log(body);
14
});

1
require 'uri'
2
require 'net/http'
3
4
url = URI("https://global-api-sandbox.afterpay.com/v1/configuration")
5
6
http = Net::HTTP.new(url.host, url.port)
7
http.use_ssl = true
8
9
request = Net::HTTP::Get.new(url)
10
request["Authorization"] = 'Basic MzI6YWJjZGVmZ2g='
11
12
response = http.request(request)
13
puts response.read_body

1
import requests
2
3
url = "https://global-api-sandbox.afterpay.com/v1/configuration"
4
5
headers = {
6
    'Authorization': "Basic MzI6YWJjZGVmZ2g="
7
}
8
9
response = requests.request("GET", url, headers=headers)
10
11
print(response.text)

The Afterpay Online API uses Basic HTTP Authentication, a simple authentication scheme built into the HTTP protocol, as specified by RFC 7617.

With the exception of Ping, all Online API endpoints require this form of authentication. Failure to correctly authenticate an API request will result in a “401 Unauthorized” response.

Consider the following example:

The credentials are joined by a colon character (without any spaces), then base64-encoded.

The Authorization header can then be formed by including the word Basic, followed by a single space character, followed by the base64-encoded credential pair.