Authentication
You need to send a request to get an access token to Pivot Server, then you will receive the access token that will expire in 900 seconds (15 minutes). Whenever it expires, you should send another request to get a new access token.
Access Token B2B
Method and URL
POST [BASE_URL]/open-api/v1/access-token/b2b
Request
Request Header
X-TIMESTAMP
String
M
Client's current local time in yyyy-MMddTHH:mm:ssTZD format
X-CLIENT-KEY
String
M
Client ID
X-SIGNATURE
String
M
Non-repudiation & integrity checking: asymmetric signature SHA256withRSA X-SIGNATURE: SHA256withRSA (Private_Key, stringToSign)
stringToSign = client_ID + “|” + X-TIMESTAMP
Request Body
{
"grantType": "client_credentials",
"additionalInfo": {}
}Response
Response Body
{
"responseCode": "2007300",
"responseMessage": "Successful",
"accessToken": "***",
"tokenType": "Bearer",
"expiresIn": "900"
}Access Token B2B2C
Method and URL
POST [BASE_URL]/open-api/v1/access-token/b2b2c
Request
Request Header
X-TIMESTAMP
String
M
Client's current local time in yyyy-MMddTHH:mm:ssTZD format
X-CLIENT-KEY
String
M
Client ID
X-SIGNATURE
String
M
Non-repudiation & integrity checking: asymmetric signature SHA256withRSA X-SIGNATURE : SHA256withRSA
(Private_Key, stringToSign)
stringToSign = client_ID + “|” + X-TIMESTAMP
Request Body
{
"grantType":"authorization_code",
"authCode":"{{bindingId}}", // obtained from account creation and binding callback
"refreshToken":"{{customerRefreshToken}}",
"additionalInfo":{
}
}Response
Response Body
{
"accessToken": "***",
"accessTokenExpiryTime": "2025-11-27T10:46:03+07:00",
"refreshToken": "***",
"refreshTokenExpiryTime": "2025-11-26T10:46:03+07:00",
"responseCode": "2007400",
"responseMessage": "Successful",
"tokenType": "Bearer"
}Last updated