Authorization Header

Basic Auth Authentication Type

Applicable for AccessToken API only.

The Authorization header is in the format of:

Authorization: Basic \<base64 encoded <ClientId>:<SecretKey>>

ClientId and SecretKey to be provided by the Partner for each environment.

An example of an Authorization header is:

Authorization: Basic c3Bhcms6c3BhcmtQQHNzdzByZA==

OAuth Authentication Type

Applicable for APIs: AuthCommit, Void, Transaction Status and Notification

The Authorization header is in the format of:

Authorization: Bearer \<access_token>

access_token is the string returned by the Partner in the AccessToken API response.

An example of an Authorization header is:

Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjEiLCJwaS5hdG0iOiJnbXNoIn0.eyJzY29wZSI6IiIsImF1dGhvcml6YXRpb25fZGV0YWlscyI6W10sImNsaWVudF9pZCI6IlVBSUQxMDYzN01OTWljcm9TZXJ2aWNlcyIsImV4cCI6MTcwNzQ1MTc4N30.XyMens4HVZqSQU7wQMnpr2cuXG9wP454xtKbBdMc3TkRJ4cJOY_JI2t2Q38hbHQH3ZqFppNZd7Hph-qy41Y9muf2nlUPn2QUxYSFLOQbNnWY2JVd9JABXRr5t6hwoSI5ydsMDI0puMTiW6tA2E4jT8VXX1mhv6DZh-wNEo7hx3MHiZ_GNTP45LDoUpbC4bI3kMNY84kgFxRwgisdmpqFftRCb0zIfq19Ukf4DvqHKrFG1xrGkZHSK1ipiKpHF92cZmr-K-hIwHgQ_5yyeHMG95dUWb4s18D1sDrwTBUzb-aTpq5xEkvupk63ngDuCLkWJ83UzGeUpckktKPNRZCrySxbaeewRMwLKSjMyhUuzVIlaP8H5nCWQNYF_dYd72vHazz41_Eubb7HJ6h01sfC1BX0h3TYABKFl67c0XH2Q5QC3hBPU8Mx2hh2_uyQFnRjR-qIVWXJwQzzl3cq9ksk4WIOXXh6pTXUg7rZnu-UMJyjL2V778ZL90e529c3XBUxmIdp9LPEbXXg3zy5vOWcwIIOKO9TuFmpZ_kJP24qvNT07amqE1ekKMkw8icQXKgRcJuvspQdxSZs-O-8qamAShSpkeH7GjgmpnaG-Vp1cK9oovfeBEKl2joRo0kOLnt6UJmD4xE_SDtZQdR-4sI9gOddO1UOW4KIcDZUs3QwvJY

Note: IP Whitelisting needs to be done by partner to allow GD to call and connect to the partner's hosted APIs.