Virtual Account Services
    Virtual Account Services
    • Introduction
    • Terminologies
    • Webhooks
    • Authentication
    • Account
      • Create Account
        POST
      • Rename Account
        POST
      • Balance Inquiry
        GET
      • Create Bulk Accounts
        POST
      • List Accounts
        GET
    • Transaction
      • Credit Account
        POST
      • Debit Account
        POST
      • Credit Account [Agency Banking]
        POST
      • Debit Account [Agency Banking]
        POST
      • Transaction Query
        GET
      • Transaction Details
        GET
      • Transaction History
        GET
    • Transfer
      • Get Institutions
        GET
      • Name Inquiry
        POST
      • Interbank Transfer
        POST
      • Interbank Transfer [Sync]
        POST
      • Transfer Query
        GET
      • Transfer Enquiry
        GET
      • Virtual Account Intrabank Transfer
        POST
      • Core Banking Intrabank Transfer
        POST
      • Collection Accounts Intrabank Transfer
        POST
    • Invoice
      • Create Invoice
        POST
      • Get Invoice Detail
        GET
      • List Merchant Invoices
        GET
    • Refunds
      • Initiate Refund
      • Get Refund Status
      • Get Refunds
    • Notifications
      • Notification
      • Send Notification
    • Merchant
      • Account
        • Get Account
        • Activate Sub Ledger For Merchant
        • Get SubLedger Callback Urls
        • Set SubLedger Callback Urls
        • Get Collection Accounts
      • Transfer
        • Get Transfer History
        • Get Subledger transfers
        • Get Transfer Details
        • Name Inquiry
      • Refund
        • Refund Details
    • Admin
      • Accounting
        • Get GL Accounts
        • Get Classification Codes
      • Dashboard
        • Dashboard Summary
        • Dashboard Transactions
        • Dashboard Transaction Details
      • Group Codes
        • Get Group Codes
        • Set Collection Account
        • Create Group Code
      • Reporting
        • Get Report Types
        • Get Report Parameters
        • Create Report
        • Get Reports
        • Get Reports Details

    Authentication

    Overview#

    The Virtual Account Services uses OAuth 2.0 Client Authentication to ensure secure access and protect customer data. This authentication method allows authorized applications to interact with the API while preventing unauthorized access.
    OAuth 2.0 provides a robust, token-based authentication mechanism that enables secure communication between clients and the banking system without exposing sensitive credentials.

    Authentication Flow#

    The OAuth 2.0 authentication process follows these steps:

    1. Credentials#

    Before accessing the API, developers must obtain the following from the financial institution:
    1.
    Client ID
    2.
    Client Secret Key
    3.
    Host URL
    4.
    Token URL
    To request these credentials, contact the financial institution.

    2. Token Request#

    A POST request must be sent to the token URL to obtain an access token. Below is an example of a token request.



    3. Token Response#

    If authentication is successful, the API returns an Access Token, which is required for subsequent requests.
    The token has an expiration time, after which a new token must be requested.



    4. Authorized Requests#

    Once an OAuth 2.0 access token is obtained, it must be included in API requests to authenticate and authorize access to protected resources. The Authorization header in the request must contain the access token in the Bearer Token format.

    Modified at 2025-04-03 20:42:26
    Previous
    Webhooks
    Next
    Create Account
    Built with