Tokens
This is the core way of authentication for the Wallet App API. Tokens are used to authenticate requests to the API. Tokens are generated by the Wallet App API and are used to identify the user making the request.
The token model
The token contains information referencing the the user requesting it. The token also needs to be used in the header of the request to the API. For each requested token a list of scopes need to be provided.
Properties
- Name
name- Type
- string
- Description
The name of the requested token.
- Name
last_used_at- Type
- timestamp
- Description
The date and time the token was last used.
- Name
token- Type
- string
- Description
The token itself.
- Name
user_id- Type
- string
- Description
The UUID of the user that requested the token.
- Name
permissions- Type
- array
- Description
The list of permissions the token has.
Request a token
This endpoint allows you to programmatically request an api token
Optional attributes
- Name
email- Type
- string
- Description
The email of the user requesting the token.
- Name
password- Type
- string
- Description
The password of the user requesting the token.
- Name
permissions- Type
- array
- Description
The list of permissions the token has. e.g.
[ "device.get", "device.store", "location.get", "passes.get", "tags.get", "tags.store", "passes.remove", "passes.update", "members.get", "members.store", "passes.store", "location.store", "search.pass", "product.get", "product.store", "brand.get", "brand.import", "scan.url", "coupons.get", "coupons.store", "coupons.update", "coupons.delete", "offers.get", "offers.store", "offers.update", "offers.delete", "storecards.get", "storecards.store", "storecards.update", "storecards.delete", "brands.get", "brands.store", "brands.update", "brands.delete", "marketplace.get", "marketplace.store", "templates.get", "template.update", "import", "shops.get", "shops.update", "shops.inventory.update", "shops.inventory.get", "shops.inventory.store", "shops.inventory.delete", "shops.domains.get", "shops.payments.get", "shops.payments.store", "shops.payments.delete", "leads.get", "leads.store", "leads.update", "leads.delete", "devices.get", "devices.store", "devices.update", "devices.delete", "rules.get", "rules.store", "rules.delete", "rulesets.get", "rulesets.store", "rulesets.delete", "locations.get", "locations.store", "locations.update", "locations.delete", "totalwash.get", "totalwash.store", "lpr.get", "lpr.store", "lpr.update", "lpr.delete", ]
Request
curl -X POST https://api.walletapp.co/oauth/token
-H "Content-Type: application/json"
-H "Accept: application/json"
-d '{
"email": "<your_email>",
"password": "<your_password>",
"permissions": "<array_of__your_scopes>"
}'
Response
{
"success": true,
"data": {
"key": "<your_authentication_key>",
"email": "<your_email>",
"permissions": [
"<permission>",
...
]
}
}
Token information
This endpoint allows you to programmatically get information about a token such as the permissions it has.
Required headers
- Name
Authorization- Type
- string
- Description
The token itself as a bearer token.
Request
curl -X GET https://api.walletapp.co/oauth/token
-H "Content-Type: application/json"
-H "Accept: application/json"
-H "Authorization: Bearer <your_token>"
Response
{
"name": "APITOKEN_b3ace001-c6fd-4047-864f-cd88a7ae8b2c",
"last_used_at": "<timestamp>",
"token": "<your_token>",
"user_id": "<user_uuid>",
"abilities": [
"<permission>",
...
]
}
Delete your token
This API allows you to delete the current token. This can be used to revoke access to your account for the token. This is useful if you want to revoke access to your account for a third party application.
Required headers
- Name
Authorization- Type
- string
- Description
The token itself as a bearer token.
Request
curl -X DELETE https://api.walletapp.co/oauth/token
-H "Content-Type: application/json"
-H "Accept: application/json"
-H "Authorization: Bearer <your_token>"
Response
{
"success": true,
"message": "Token deleted"
}