POST /oauth/token Receive access token

Request

API Base URL

Headers

Authorization: Basic {base64()}
Content-Type: application/x-www-form-urlencoded

Body * required

Key	Value	Description
grant_type *	password	Determines OAuth2-Flow to be used. Must be 'password' in this case.
scope	admin merchant	Requested scope is set to 'admin merchant'. Will only grant those scopes that were previously assigned to the merchant by an administrator.
username *		A merchant's username for authentication.
password *		A merchant's password for authentication.

Request Example

curl -X POST '{{ api_base }}/oauth/token'\
  -H "Authorization: Basic {{ at_clientcredentials | base64 }}"\
  -d "grant_type=password"\
  -d "scope=admin merchant"\
  -d "username={{ at_username }}"\
  -d "password={{ at_password }}"\
  -i

Status: {{ response_data.post_access_token.status }} {{ response_data.post_access_token.statusText }}

{{ response_data.post_access_token.response }}

Response

200 OK	{ "access_token": "{access token}", "expires_in": 900, "token_type": "Bearer", "scope": "merchant", "refresh_token": "{refresh token}" }
400 Bad Request	{ "error": "unsupported_grant_type" }
401 Unauthorized	{ "error": "invalid_client" }
401 Unauthorized	{ "error": "invalid_grant" }

POST /oauth/token Receive refresh token

Request

API Base URL

Headers

Authorization: Basic {base64()}
Content-Type: application/x-www-form-urlencoded

Body * required

Key	Value	Description
grant_type *	refresh_token	Determines OAuth2-Flow to be used. Must be 'refresh_token' in this case.
scope	admin merchant	Requested scope is set to 'admin merchant'. Will only grant those scopes that were previously assigned to the merchant by an administrator.
refresh_token *		Refresh token previously received together with access token during initial authentication.

Request Example

curl -X POST '{{ api_base }}/oauth/token'\
  -H "Authorization: Basic {{ rt_clientcredentials | base64 }}"\
  -d "grant_type=refresh_token"\
  -d "scope=admin merchant"\
  -d "refresh_token={{ rt_rtoken }}"\
  -i

Status: {{ response_data.post_refresh_token.status }} {{ response_data.post_refresh_token.statusText }}

{{ response_data.post_refresh_token.response }}

Responses

200 OK	{ "access_token": "{new access token}", "expires_in": 900, "token_type": "Bearer", "scope": "merchant", "refresh_token": "{new refresh token}" }
400 Bad Request	{ "error": "unsupported_grant_type" }
400 Bad Request	{ "error_description": "Missing refresh token parameter.", "error": "invalid_request" }
401 Unauthorized	{ "error": "invalid_client" }
401 Unauthorized	{ "error": "invalid_grant" }

POST /oauth/revoke Revoke token

Request

API Base URL

Headers

Authorization: Basic {base64()}
Content-Type: application/x-www-form-urlencoded

Body * required

Key	Value	Description
token *		Token to revoke

Request Example

curl -X POST '{{ api_base }}/oauth/revoke'\
  -H "Authorization: Basic {{ rt_clientcredentials | base64 }}"\
  -d "token={{ rv_token }}"\
  -i

Status: {{ response_data.post_revoke_token.status }} {{ response_data.post_revoke_token.statusText }}

{{ response_data.post_revoke_token.response }}

Responses

200 OK	{ "success": "token revoked" }
400 Bad Request	{ "error": "token not defined" }
401 Unauthorized	{ "error": "invalid_client" }

POST /payments Add a new payment merchant

Request

API Base URL

Headers Authorization: Bearer
Content-Type: application/json

Body * required

Key	Value	Description
subject *
amount *
currency *		Choose from 'EUR' and 'USD'
payment_type *		Choose from 'once','weekly','monthly','quarterly','annually',
cc_token *		Enter a previously used creditcard's token or enter creditcard information in the according fields
cc_no *
cc_cvv *
cc_exp_mm *
cc_exp_yyyy *
cc_givenname *
cc_surname *
company
givenname
surname
street
street_no
postal_code
city
state
country
email
phone
mobile

Request Example

curl -X POST '{{ api_base }}/payments'\
  -H 'Authorization: Bearer {{ access_token }}'\
  -H "Content-Type: application/json"\
  -d '{
        "{{ key }}":"{{ value }}",

      }'\
  -i

Status: {{ response_data.post_payment.status }} {{ response_data.post_payment.statusText }}

{{ response_data.post_payment.response }}

Responses

201 OK	{ "payment_token": "abff2abd-2f29-46a2-86b8-97a8bafaa2fa" }
400 Bad Request	{ "error": "bad request" }
400 Bad Request	{ "error": "creditcard number not valid" }
400 Bad Request	{ "error": "creditcard expired" }
401 Unauthorized	{ "error":"unauthorized" }

GET /payments Show all your payments merchant

Request

API Base URL
Headers	Authorization: Bearer
Request Example	Sample Try it out curl -X GET '{{ api_base }}/payments'\ -H 'Authorization: Bearer {{ access_token }}'\ -i Status: {{ response_data.get_payments.status }} {{ response_data.get_payments.statusText }} {{ response_data.get_payments.response }}

Responses

200 OK	[ { "amount": "123.45", "currency": "EUR", "payment_status": "open", "payment_token": "abff2abd-2f29-46a2-86b8-97a8bafaa2fa", "subject": "socks", "date":"2017-12-12T11:55:26.000Z" } ]
400 Bad Request	{ "error": "bad request" }
401 Unauthorized	{ "error":"unauthorized" }

200 OK

[
    {
        "amount": "123.45",
        "currency": "EUR",
        "payment_status": "open",
        "payment_token": "abff2abd-2f29-46a2-86b8-97a8bafaa2fa",
        "subject": "socks",
        "date":"2017-12-12T11:55:26.000Z"
    }
]

400 Bad Request

{
  "error": "bad request"
}

401 Unauthorized

{
  "error":"unauthorized"
}

GET /payments/{paymentToken} Show payment by token (only last 4 digits of PAN) merchant

Request

API Base URL
Payment Token
Headers	Authorization: Bearer
Request Example	Sample Try it out curl -X GET '{{ api_base }}/payments/{{ payment_token }}'\ -H 'Authorization: Bearer {{ access_token }}'\ -i Status: {{ response_data.get_payment.status }} {{ response_data.get_payment.statusText }} {{ response_data.get_payment.response }}

Responses

200 OK	{ "amount": "123.45", "city": Some City, "company": "Some Company", "country": "Germany", "email": "admin@domain.de", "givenname": "Max", "surname": "Mustermann", "mobile": "015987654321", "phone": "043211234567", "postal_code": "54321", "state": "Hessen", "street": "Hauptstraße", "street_no": "3a", "cc_exp_mm": "04", "cc_exp_yyyy": "2020", "cc_givenname": "Max", "cc_surname": "Mustermann", "cc_no": "xxxx xxxx xxxx 1111", "currency": "EUR", "merchant_id": 2, "payment_status": "open", "payment_token": "abff2abd-2f29-46a2-86b8-97a8bafaa2fa", "payment_type": "once", "subject": "socks", "date":"2017-12-12T11:55:26.000Z" }
400 Bad Request	{ "error": "bad request" }
401 Unauthorized	{ "error":"unauthorized" }
404 Not Found	{ "error":"not found" }

GET /creditcards Show all your credit cards (only last 4 digits of PAN) merchant

Request

API Base URL
Headers	Authorization: Bearer
Request Example	Sample Try it out curl -X GET '{{ api_base }}/creditcards'\ -H 'Authorization: Bearer {{ access_token }}'\ -i Status: {{ response_data.get_creditcards.status }} {{ response_data.get_creditcards.statusText }} {{ response_data.get_creditcards.response }}
200 OK	[ { "cc_exp_mm": "05", "cc_exp_yyyy": "2018", "cc_givenname": "Max", "cc_surname": "Mustermann", "cc_no": "xxxx xxxx xxxx 4242", "cc_token": "2b282d92-6132-425e-b7ee-db235ad07270" } ]
400 Bad Request	{ "error": "bad request" }
401 Unauthorized	{ "error":"unauthorized" }

GET /creditcards/{creditcardToken} Show credit card by token (only last 4 digits of PAN) merchant

Request

API Base URL
Credit Card Token
Headers	Authorization: Bearer
Request Example	Sample Try it out curl -X GET '{{ api_base }}/creditcards/{{ creditcard_token }}'\ -H 'Authorization: Bearer {{ access_token }}'\ -i Status: {{ response_data.get_creditcard.status }} {{ response_data.get_creditcard.statusText }} {{ response_data.get_creditcard.response }}
200 OK	{ "cc_exp_mm": "05", "cc_exp_yyyy": "2018", "cc_givenname": "Max", "cc_surname": "Mustermann", "cc_no": "xxxx xxxx xxxx 4242", "cc_token": "2b282d92-6132-425e-b7ee-db235ad07270" }
400 Bad Request	{ "error": "bad request" }
401 Unauthorized	{ "error":"unauthorized" }
404 Not Found	{ "error":"not found" }

GET /img/{filename} Download profile picture (shall be accessible by everyone without authentication)

Request

API Base URL
Filename
Request Example	Sample Try it out curl -X GET '{{ api_base }}/img/{{ filename }}' Status: {{ response_data.get_img.status }} {{ response_data.get_img.statusText }} {{ response_data.get_img.negative? response_data.get_img.response :'' }}
200 OK
400 Bad Request	{ "error": "bad request" }
404 Not Found	{ "error":"not found" }

Dubius API Documentation

Introduction

Authorization

RESTful API-Routes

Authorization

POST /oauth/token Receive access token

Request

Response

POST /oauth/token Receive refresh token

Request

Responses

POST /oauth/revoke Revoke token

Request

Responses

Payments

POST /payments Add a new payment merchant

Request

Responses

GET /payments Show all your payments merchant

Request

Responses

GET /payments/{paymentToken} Show payment by token (only last 4 digits of PAN) merchant

Request

Responses

GET /creditcards Show all your credit cards (only last 4 digits of PAN) merchant

Request

GET /creditcards/{creditcardToken} Show credit card by token (only last 4 digits of PAN) merchant

Request

Others

GET /img/{filename} Download profile picture (shall be accessible by everyone without authentication)

Request