Menu
Postman API Doc Get started

End user

It is what we classically describe as a contact for machine-2-machine communication.
It is the most common mechanism that customers choose.

Step 1

With an user’s credentials, begin with login.

The YoPass link of the Welcome email will contain the following variables necessary for the API call.

    1. email
    2. auth_client_id
    3. password (if you have updated it when you logged into EBO, please use the current password)

A successful API response will contain the code, which should be used in the next API call.

curl --location -g '{{AUTH_URL}}/login' \

-header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'email={{email}}' \

--data-urlencode 'password={{password}}' \

--data-urlencode 'client_id={{auth_client_id}}' \

--data-urlencode 'state=state'

Step 2

Next, complete Strong Customer Authentication (either with the code in the Authenticator App or an SMS)

  1. The following parameters should be gathered from the YoPass link of the Welcome email. 
    a. redirect_uri
b. auth_client_id
c. The parameter, Authorization in the header should be built by appending the auth_client_secret to auth_client_id using colon (:) as the delimiter between the two parameters.

  2. The the value for code should be gathered from the response of the previous API call.

curl --location -g '{{AUTH_URL}}/token' \
--header 'Authorization: Basic {{credentials}}' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code={{code}}' \
--data-urlencode 'redirect_uri={{redirect_uri}}' \
--data-urlencode ‘client_id={{auth_client_id}}’

Step 3

Next, get the access token

  1. The YoPass link of the Welcome email will contain the following variables necessary for the API call.
a. redirect_uri
b. The parameter, Authorization in the header should be built by appending the auth_client_secret to auth_client_id using colon (:) as the delimiter between the two parameters.
  2. The value for code should be gathered from the response of the previous API call.
curl --location -g '{{AUTH_URL}}/token' \
--header 'Authorization: Basic {{credentials}}' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code={{code}}' \
--data-urlencode 'redirect_uri={{redirect_uri}}'
Previous
API Technical contact
Next
Webhooks