Authentication

If the answer to any of the questions below is a ‘No’, then it might explain why the authentication is failing.

• Did you receive the Welcome email from Ebury? It contains a 1-time only YoPass link, URLs to our authentication and application services, link to our public documentation and our contact details.
• Have you already logged into EBO successfully with the credentials you received from Ebury?
• Did you use the following data points from the Welcome email correctly in the API call?

auth_client_id: This is the id generated specifically for setting up the API implementation for the client.
This is not the same as the client_id registered in Salesforce. Please make sure to get the auth_client_id from the YoPass link of the Welcome email only.

auth_client_secret: This should be used to generate the Authorization header in the API calls. This, along with the auth_client_id will make the 2 halves of the Authorization value.

The code is a part of the API response when you call the endpoint, POST/login. The code is critical to the follow-up API calls to complete the authentication. For more details, please see the Authentication section.

Access token is the only way to communicate with the other APIs post authentication. 
The access token has a said lifespan. Once the access token has expired, there are 2 ways to get another access token.

• Use the refresh token, with this endpoint and directly get a new access token.
• Restart the authentication process by providing the credentials again, and (possibly) complete SCA.

It is more standard to use the refresh token to get a new access token. 
Refresh tokens have longer life spans.

The access token is valid for 60 minutes from the time of creation. In the near future, you will be able to derive the lifespan directly from the access token without having to remember it.