Dark Mode

Generate Access Token (B2B) API


The following endpoint generates an access token (B2B):

/access-token/b2b

Run in Postman

Request Header Attributes

Following are the parameters to be sent in the request header:

Content-Type

string
Mandatory

Indicates the media type of the resource. value: application/json

X-TIMESTAMP

string
Mandatory

Timestamp in ISO8601 format, Example: 2024-05-14T18:54:57+07:00

X-SIGNATURE

String
Mandatory

Signature generated with by encrypting client key and timestamp

To know how to generate signature, please visit the Implementation Guide here.

X-CLIENT-KEY

String
Mandatory

Client Key given by Durianpay upon completing registration.

Request Body Attributes

Following are the parameters to be sent in the request body:

grantType

String
Mandatory

Value: AUTHORIZATION_CODE

Example
curl --location 'https://api.durianpay.id/v1.0/access-token/b2b' \
--header 'X-TIMESTAMP: 2024-05-13T15:32:36.422+07:00' \
--header 'X-SIGNATURE: KLJ9KthaIiZSzPqHUMuJRsKOZtYCqqWd5DhfWqYC7OjZ2Qlu0PvQ2wRQF5vfDWsz/qFYEexOXb47+oQBjMhAz4XRNhXBBfwoWxrGTG8iU8EYSDVfChW0NqAWjWIQolhB4UcHn5SybPFRON3rvAOIQTzuEshUA1PNAln8jOKaRmY=' \
--header 'X-CLIENT-KEY: client_id' \
--header 'Content-Type: application/json' \
--data '{
    "grantType": "AUTHORIZATION_CODE"
}'

Response Code

200 - Success

1
2
3
4
5
6
7
{
    "responseCode": "2007300",
    "responseMessage": "Successful",
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJEdXJpYW4gTW9uZXkiLCJleHAiOjE3MTU1OTAwNTYsImlhdCI6MTcxNTU4OTE1NiwibWVyY2",
    "tokenType": "BearerToken",
    "expiresIn": "2024-05-13 08:47:36.452492159 +0000 UTC"
  }

401 - Unauthorized - Missing Client Key Header

401 - Unauthorized - Invalid Signature

500 - Internal Server Error

504 - Gateway Timeout