Favrit uses standard OAuth 2.
If your implementation doesn't support Oauth 2, you may generate an access token by making a direct request, as described below.
To get <access_token>, you need to generate base64 value from your ClientId and SecretId using a colon (:) separator (i.e <ClientId>:<SecreteId>) and send authentication request like below.
Request Sample:
curl --location --request POST 'https://accounting-api-auth.favrit.com/oauth2/token' \
--header 'Authorization: Basic ***************' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=prod/user prod/accounting prod/transaction'
Here *************** is the base64 valuer of your <ClientId>:<SecreteId>
Response Sample:
{
"access_token": "eyJraWQiOiI3ZFU5Y2ljU0RMemlEQTdQNEVLVUpheEZ5TWgrMU1YNWJNazJOQWZLUVdRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiIxYjhzYzA3czl1c2twamNibjk2ZTF0ZTVmNCIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoicHJvZFwvYWNjb3VudGluZyIsImF1dGhfdGltZSI6MTYzNDA5Nzk2MywiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLmV1LW5vcnRoLTEuYW1hem9uYXdzLmNvbVwvZXUtbm9ydGgtMV9TdHdiQzBTZ0ciLCJleHAiOjE2MzQxMDE1NjMsImlhdCI6MTYzNDA5Nzk2MywidmVyc2lvbiI6MiwianRpIjoiNjJjNjk1M2YtMzBjMC00MjM3LWJkYWUtNDg0YTBlZDhmZmFmIiwiY2xpZW50X2lkIjoiMWI4c2MwN3M5dXNrcGpjYm45NmUxdGU1ZjQifQ.FM_uiOpLRm3tn42kefpkgDyicZGrruKXGf9Z4xYCudR8i6KGHEYw8ne6LPYtVQwYvBNuoCk54Dy90QLVXlXYob9EBH-hKlrymY0lnGxlKcSr9urswwqsTYHW5t3WyoX55cNw6cO5Dzxkdvk_vkXvXFVe7G4uM21OTDp_i6uuDdrBJjJea0lCW28TTmar_1nnHRLrMbDM_FjMqBhaFqGF0FUt8ppo3FHQlHTWEwhxlMUbIEjI01ScC3hd460E0_313QQTH12WdgpqWwxTjI0kqtRmvh6ZzuxWcL4OQ2v6BFhinaQU7SLCgHanNswhdHsCLUx9Xw-trvqqfL49I46ybg",
"expires_in": 3600,
"token_type": "Bearer"
}
The access token should be used as Authorization Token(i.e Bearer <access_token>) for subsequent API call. Here expires_in value is represented at second which means it will be expired after 3600 second.