Authentication
Authentication endpoints provide operations required to:
- Create new users in Dapi's system
- Connect their bank accounts to your application
- Retrieve permanent
access token
of the user to perform payment operation and obtain user financial data fromPayment
andData
endpoints - Invalidate user token
Access Tokens
Access tokens allow your app to access the Dapi API. They are permanent for the user. Therefore once it is obtained it does not need to be refreshed, unless the token has been delinked.
They typically perform two functions:
- Perform user specific operations with the API
- Interact with the Dapi system
Absolute majority of the Dapi API endpoints require an access token, so each time you access an endpoint, your request may require one. Check each endpoint references for token requirements.
How To Obtain A Token
Below you can find process diagram of how to obtain user access token.

Process Of Obtaining User Access Token
Dapi Login Using Connect
Dapi provides Connect
layer that you can use to authenticate user in the Dapi system and obtain user access code
.
To read more about how to initialize Connect
layer and authenticate user in the system refer to our Connect Layer documentation
After successful user authentication in the Connect
layer, you will get following response:
{
"success": true,
"accessCode": "access_code_value",
"userSecret": "user_secret_value",
"connectionID": "connection_id_value",
"userID": "user_id_value",
"tokenID": "token_id_value"
}
You will need accessCode
and connectionID
from the response to obtain a user token.
Please Note
Access Code is only valid for 30 minutes. It must be exchanged for Access Token within this 30 minutes, otherwise the code will become ineffective.
Exchange Access Code For Access Token
Token must be obtained using ExchangeToken
method. To generate a successful request you will need:
accessCode
connectionID
appSecret
To read more on how to obtain accessCode
and connectionID
please refer to Connect Layer Documentation ]
To read more on how to register app and obtain app keys please refer to Getting your API keys]
Request body for exchanging accessCode
for accessToken
looks following:
{
"appSecret": "app_secret_value",
"accessCode": "access_code_value",
"connectionID": "connection_id_value"
}
Successful exchangeToken
response looks following:
{
"success": true,
"accessToken": "access_token_value"
}
Updated 6 months ago
Now that you are more familiar with Authentication process and how to obtain Access Token, you can read more about ExchangeToken
method or Connect
layer