API Overview
- Auth API
- Underwriting API
- Portal
- Prospect Adobe
- Prospect Document
- Prospect Dropbox Files
- Prospect Entities
- Prospect Extras
- Prospect Generate PDF
- Prospect Integration
- Prospect Logs
- Prospect Messages
- Prospect Ofac Search
- Prospect Plaid Email
- Prospect Resellers
- Prospects
- Prospect Scores
- Prospect Scores Average Bank Balance
- Prospect Scores Business Types
- Prospect Scores Equifax Owner Credit
- Prospect Scores Tax Id
- Prospects Scores Average Bank Balances Plaid Transaction
- Prospect Status
- Process API
- Main API
- API Onboarding Tutorial
- Verify API
Merchants - Process API
Introduction
Merchants APIs allow you to perform the activities related to merchants operations.
The Merchants - Process APIs' end points and their functionalities are given below:
API End Point
|
API Functionality
|
GET /Merchants/{code}/Activate
|
Activate Merchant to execute Transactions
|
GET /Merchants/{code}/Ready
|
Verify if the Merchant is ready to execute transactions
|
GET /Merchants/Provisioning
|
This is the Merchant Provisioning module.
Note:
This endpoint allows anonymous access, it does not require authentication.
|
GET /Merchants/Provisioning/{filter}
|
Merchant Provisioning
Note:
This endpoint allows anonymous access, it does not require authentication.
|
POST /Merchants/Provisioning
|
Perform a new Merchant Provisioning
Note:
This endpoint allows anonymous access, it does not require authentication.
|
iCG Authentication Service
iCG APIs are secured by OAuth 2.0 ROPC grant type. The external application must obtain user authorization before it executes an endpoint call incase this API chooses to use OAuth 2.0 ROPC Grant. This authorization includes the following steps:
- You must first exchange the user's credentials for an access token.
- The access token is an object containing information for authorizing client requests and refreshing the token itself.
The end-to-end authorization request is represented in the below diagram.
sequenceDiagram participant Merchant participant ICG (token URL) autonumber Merchant ->>ICG (token URL): Client ID, username, password ICG (token URL)->>Merchant: id_token, access token, refresh token
The above step is to generate access token using the iCG provided Client id and with Merchant's user credentials.
Key Request Parameters
Once you receive the Client ID, and the user credentials, the next step is call the OAuth 2.0 ROPC endpoint to generate the access token.
Element | Value |
Method | POST |
Authorization Type | OAuth 2.0 ROPC |
Auth URI | https://auth.icheckdev.com/ |
Client ID | *****(iCG application audience ID) |
Username | {username} |
Password | {password} |
grant_type | password |
Sample cURL Request
curl -X POST \
--url 'https://auth.icheckdev.com/Login' \
--header 'Accept: application/json' \
--data 'grant_type=password' \
--data 'username={USERNAME}' \
--data 'password={PASSWORD}' \
--data 'client_id={iCG APPLICATION AUDIENCE ID}' \
On receiving the requests, iCG Authorization system validates all the parameters in the request and, if the request pass through the validation process, then it will generate your access token and return it in the response.
Sample Response Body
{
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1laWQiOiJjNjFhY2JhYy02NjA4LTQ3Y2YtYWIxOS0wZWQ2YmY3NTI5MTciLCJ1bmlxdWVfbmFtZSI6IlN1c2VlbGEiLCJlbmNyeXB0ZWRfZW1haWwiOiJGcGJnZ1RqbTNkbXl2cFlWVlVZNnJzcHBDKzcweFIwWGoyeTR1Mm8rc1ZRPSIsInR5cGUiOiIiLCJpc3MiOiJodHRwczovL2F1dGguaWNoZWNrZGV2LmNvbS8iLCJhdWQiOiJmMWZhN2ZmZi05MmU0LTQxMzMtOGQxMC0zNjg2OGM0OTg3YWQiLCJleHAiOjE3MDQ5MDY1MjAsIm5iZiI6MTcwNDgyMDEyMH0.Q03E-HrXto9CBzHcC43qn2wZG5VpUV4hzIfcCuRGWu4"
"token_type":"bearer"
"expires_in":86399
}
The response parameters and their descriptions are:
Parameter | Description |
access_token | The access token to be used to call the functional APIs |
token_type | Bearer |
expires_in | The number of seconds until the access token expires |
. To view our list of APIs, please visit the Process API page.