Overview

Authenticating Endpoints

The base urls for staging and production are as follows:

Environment	Base Url
`Staging`	`https://api.staging.pipevest.com/v1`
`Production`	`https://api.pipevest.com/v1`

Authenticating Endpoints

All API endpoints are authenticated using OAuth 2.0 standards. A clientId and clientSecret must be exchanged for a shortlived access token. This access token is then used to authenticate further requests.

Access Token Request

  curl --request POST \
    --url https://api.pipevest.com/v1/auth \
    --header 'Content-Digest: sha-512=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:' \
    --header 'Content-Length: 18' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --header 'Signature: ...' \
    --header 'Signature-Input: ...' \
    --data 'clientId=<client-id>'
    --data 'clientSecret=<client-secret>'

Authenticate Requests with Token

The access token is passed into the authorization header as a bearer token

  curl --request GET \
    --url https://api.pipevest.com/v1/customers \
    --header 'Authorization: Bearer <access-token>' \
    --header 'Signature: ...' \
    --header 'Signature-Input: ...' \
    --header 'X-Client-Id: <client-id>' \

Authentication Concepts

Check out the auth mechanisms used to keep the API secure

Authentication Guide

Understand how to create and revoke auth tokens

Authentication

Guides

API Reference

Authenticating Endpoints

Authentication Concepts

Authentication Guide

Guides

API Reference

​Authenticating Endpoints

Authentication Concepts

Authentication Guide

Authenticating Endpoints