The base urls for staging and production are as follows:

EnvironmentBase Url
Staginghttps://api.staging.pipevest.com/v1
Productionhttps://api.pipevest.com/v1

Authenticating Endpoints

All API endpoints are authenticated using OAuth 2.0 standards. A clientId and clientSecret must be exchanged for a shortlived access token. This access token is then used to authenticate further requests.

1

Access Token Request

  curl --request POST \
    --url https://api.pipevest.com/v1/auth \
    --header 'Content-Digest: sha-512=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:' \
    --header 'Content-Length: 18' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --header 'Signature: ...' \
    --header 'Signature-Input: ...' \
    --data 'clientId=<client-id>'
    --data 'clientSecret=<client-secret>'
2

Authenticate Requests with Token

The access token is passed into the authorization header as a bearer token
  curl --request GET \
    --url https://api.pipevest.com/v1/customers \
    --header 'Authorization: Bearer <access-token>' \
    --header 'Signature: ...' \
    --header 'Signature-Input: ...' \
    --header 'X-Client-Id: <client-id>' \

Authentication Concepts

Check out the auth mechanisms used to keep the API secure

Authentication Guide

Understand how to create and revoke auth tokens