I want to make a interface so that user can register and login themselves at citrus using PHP technology and use that wallet in their payment. Does citrus provide any API for this?
Yes, Citrus-Pay does provide APIs for Integrating with Wallet where you can define your own interface.
Alternatively, you may also use the standard UI provided by Citrus. If you want to go forward with APIs,
1) Get a signup token using the API mentioned in this link: https://developers.citruspay.com/documentation/wallettab/identity-profile/oauth-token-api/
2) Call Find Or Create User API as next step. This API will trigger an OTP to the customer's mobile number passed in the request.(A Citrus Wallet is uniquely identified by a mobile number)
API on dev guide: https://developers.citruspay.com/documentation/wallettab/identity-profile/find-or-create-a-wallet/
3) Now this OTP has to be entered in an appropriate API.Which API to be used is told in the response of find or create wallet API called in step 2. (Password-based login is also supported).
It could be sign in with MOTP API ( for an existing citrus wallet customer) or verify mobile and sign API ( for new wallet accounts just being created)enter link description here
4)You will get a full access token (prepaid_pay) in response.Pass this in header of all other APIs which you need to call on behalf of user.
5)For Eg: To make a payment using the customers existing wallet balance , use the following API : https://developers.citruspay.com/documentation/wallettab/pay-using-citrus-wallet/make-payment/
Hope this helps
Related
I want to create a webapp using Laravel framework with a sort of custom authentication system.
I 've an external API like this
https://xxx.xxx.xxx.xx/subscribers/v1/?source=XXX&licenseplate=AB123AS
and to use this api i need to generate a token that after some period expires.
To generate this token i need to consume this service
https://xxx.xxx.xxx.xx/oauth/v2/accesstoken?grant_type=client_credentials
This Api tells me if the customer is covered or not and has as input parameters: source and license plate.
So my goal is to create a login form with these 2 parameters (source and license plate) input by customer that consume that API and only if it returns covered, customer can access a reserved area and do some stuff.
How can i do this in Laravel?
I have to create a new service provider, new user model and guard? How? :S or use in some way auth2.0 integration?
Thanks
I have API backend and it will be consumed by different consumers like our own company website and even other website can use our API with certain quota/limitation and for this scope management we will be using express-gateway(eg), however this is not the only reason I am using express-gateway(eg). Now coming to my problem/miss-understanding, for our own website we can create api-key and user credentials using eg command. But for the other user who wishes to use our api, I don’t want them to contact me for this integration, rather they should be able to create a user credentials and API key themselves using some facility (let us call it key management) provided by us. Here I am stuck how to give a web platform or any other mechanism where a user can create account and then create api-key for their own website. I was thinking to extend the express-gateway app itself and create page where a website owner can fill the form with various input field that will serve as parameter for eg command and I can trigger eg command in node console and create credentials and save it in redis database and then fetch those information to show it to user as their use rid and api-key. But I want to know the best way how others are doing, like how google, twitter and many more are allowing to create api-key, delete key and regenerate the api-key on compromise. Some suggestion would be to use third party tool to manage user-credentials, I will have little inertia to accept that, even if I do so how will I hook those third-party solution to my express-gateway.
In general, API gateways and authentication servers are independent, or at least loosely-coupled. The typical workflow is:
A user browses to the Create Account page for a service.
The user creates an account with the authentication server
The user makes a request through the API gateway
The API gateway checks with the authentication server whether the operation is allowed, discarding it if the user is not authorized to perform the requested action
The API gateway dispatches the request to the appropriate server
The receiving server checks whether the user is permitted to perform the action (in case the API gateway has been compromised)
Express Gateway includes its own authentication server for convenience, but the steps are basically the same. The difference is that one uses the Express Gateway Admin API to create the user and credentials rather than going to a different server.
Note that Express Gateway and its default account database (reddis) are not persistent out of the box.
As my app is designed using flutter and all my app endpoints are created using Springboot. So can call direct APIs using Feignclient in Springboot to create my own endpoint to list all the envelopes for one recipient?
Do we have any endpoint to get all the envelopes by using the recipient name or email id? for example XYZ user needs to sign in 2 envelopes then using XYZ can we be able to fetch those 2 envelopes?
Yes, you are very welcome to call the eSignature REST API directly and not use an SDK. Use API version 2.1. About half of the developers who use the API do so directly.
Updated: authentication
To call the eSign REST API, each of your API calls must include authentication via an access token. You can obtain an access token via an OAuth flow.
If your users have DocuSign user accounts, then they should login/authenticate via Implicit grant assuming that you're using Flutter for a mobile app.
If your users don't have DocuSign accounts (they are signers, not senders), then you need to have a backend server that can securely use the JWT grant flow to obtain an access token on behalf of a "system" account such as "finance#example.com"
If you have questions about authentication, please open a new question on StackOverflow.
https://developers.docusign.com/docs/esign-rest-api/reference/envelopes/envelopes/liststatuschanges/
This endpoint has lots of filtering options including:
email={email_address} Limit results to envelopes sent by the account user with this email address.
user_name must be given as well, and both email and user_name must refer to an existing account user.
user_name={user_name} Limit results to envelopes sent by the account user with this user name.
email must be given as well, and both email and user_name must refer to an existing account user.
I had a "sign in with Google+" function in my web-app. Upon signing in I would show user's email and name on the page and save it to database. To fetch user's profile data after sign in I used Google+ API method people.me with access_token in GET params.
Google+ API is going to shut down on March 7. I have to migrate to Google People or some other api. How do I achieve the same goal with a different google API? I need to fetch email and name by known auth token.
We use this through Laravel's Socialite, and they're replacing it with:
https://www.googleapis.com/userinfo/v2/me
You may want the profile scope as part of the OAuth flow to make the profile data accessible through this methods. Otherwise it will return incomplete data.
I am in the process of integrating Plaid and Stripe, but do not want to use the Plaid Link module to do this.
Once I use the Plaid 'auth' api to authorize a bank account, is there an end-point I can hit to send the information over to Stripe. Note that Plaid's 'exchange-token' end-point does not work as I need a public token to access the end-point.
I had this same issue and opened a support ticket with Plaid. I was told that I need to use Plaid Link.
Are there endpoints I can use with a user that I have already authd to get the public_token that is normally provided by this module?
No, not currently. These users will need to go through the flow
described in our Plaid + Stripe documentation here:
https://plaid.com/docs/link/stripe/