To start using the Tilia Pay APIs, you will need to obtain an access token. Access tokens are generated using the client ID and secret you were provided upon registering as an integrator. Access tokens have a limited lifetime and expire after one hour.

This guide will walk you through the steps needed to obtain an access token, so you can begin developing.

Step 1. Obtain your client ID and secret

Step 2. Create an access token

Step 3. Use your access token

This quickstart assumes you are testing in the Staging Environment and uses the base URL of https://auth.staging.tilia-inc.com.

Step 1. Obtain your client ID and secret

When you register as a Tilia Pay integrator, you are provided with a client ID and secret that are used to authenticate your application. It is important that you keep your client ID and secret secure, as anyone who has access to it can impersonate your application.

If you do not have a client ID and secret, contact us.

Step 2. Create an access token

Make a POST request to the authentication service to get an access token. Your request must contain your client ID and secret, a grant type of client credentials, and a set of scopes. Information about the scopes required for each endpoint is found in the API reference.

In the request below, we are using the scope write_registrations, which enables you to create user accounts.

curl --location --request POST 'https://auth.staging.tilia-inc.com/token?client_id=<your-client-id>&client_secret=<your-client-secret>&grant_type=client_credentials&scope=write_registrations'

The authorization service returns a JSON response with the access token, token type, expiry time (in seconds), and scope.

    "access_token": "<Access_Token>",
    "token_type": "Bearer",
    "expires_in": 3600,
    "scope": "write_registrations"

Step 3. Use your access token

After authenticating, include a token with each API request. Pass the token using the HTTP Authorization header with the bearer keyword. The request below can be used to validate your API token.

curl --location --request GET 'https://auth.staging.tilia-inc.com/v4/token/validate' \
--header 'Authorization: Bearer <Access_Token>'

A valid token will return a 200 response. An invalid token will return an error response.

Once you've created a valid token, you may want to check out our Developer Guides or create a user account to use for testing.