Logo Blue Finalse
Console 
  Français   English


C#


  • GETTING STARTED
  • Authentication
  • Hello World
  • Pricing
  • Rate Limit
  • USE CASES
  • FPay UI Integration
  • Custom UI Integration
  • Interoperability  New
  • Payment links and QRCodes
  • Third Parties Money  New
  • Audit & Dashboard  New
  • REFERENCES
  • Attempt
  • AuthAccess
  • Deposit
  • FundRequest
  • QuasiTransfer
  • Transaction
  • Transfer
  • Wallet
Logo Blue FinalseLogo Blue Finalse
Javascript
Console 
  Français   English
  • GETTING STARTED
  • Authentication
  • Hello World
  • Pricing
  • Rate Limit
  • USE CASES
  • FPay UI Integration
  • Custom UI Integration
  • Interoperability  New
  • Payment links and QRCodes
  • Third Parties Money  New
  • Audit & Dashboard  New
  • REFERENCES
  • Attempt
  • AuthAccess
  • Deposit
  • FundRequest
  • QuasiTransfer
  • Transaction
  • Transfer
  • Wallet

Authentication

Creating AuthAccess  

Before you can programmatically authenticate with the FPay API, you must create an AuthAccess object. To do this, you need to go to the AuthAccess tab in the menu of your console .

This object manages authentication and authorizations during interaction between your system and ours. For the moment, it is possible to define the following authorizations on this object:

  •   money-in-only : Only API requests to bring money into your account can be made with this AuthAccess object.
  •   read-only : Only read API requests can be made with this AuthAccess object. It will be possible for example to retrieve the transaction list programmatically and impossible to transfer money or to create another new AuthAccess object.
  •   read/money-in : Only read API requests AND requests to bring money into your account can be made with this AuthAccess object.
  •   read-write/no-money-out : Read or write API requests can be made but it won't be possible to transfer money out of your account. Note that it is also impossible to create an AuthAccess with this object that will allow transfer money out of your account.
  •   full-access : All possibles API requests on your account can be done with this object
Information
Regarding access control, our engineers are currently working on a more advanced system of permissions and authorizations management. You will have more choices than the previous permissions in a near future update that will be retro-compatible with any code written now.
More powerful than ACL (Acces Control List) and RBAC (Role Based Access Control), the ABAC (Attribute-based access control)  paradigm will be used for this radically innovative permission system.

Using AuthAccess  

Any AuthAccess object created has several attributes of which the 2 main ones that will be useful immediately are the following :

  •   token
  •   secretKey
Please note the value of each of these 2 fields, they will be used to configure your connection to the FPay API.
We are in the most important part of this page. We cannot emphasize enough on security and regarding this, we recommend you to read carefully the following message.
Important
The value of the field named secretKey must be kept absolutely secret and used only on your servers. This implies that you should never use the value of this field as a variable or constant in the source code of a mobile application, a web application or in the source code of any application whose binary may be public and visible to all. There are many tools to access strings in the source code from a binary around here. We will explain later how to collect money via a mobile application.

 AUTHENTICATION
  • Creating AuthAccess
  • Using AuthAccess