openapi: 3.0.2
info:
  title: AgoraPay Authenfication access API
  version: 1.0.1
  description: AgoraPay Authentication access API
servers:
  - url: 'https://api.test.agorapay.com/'
    description: Sandbox API AgoraPay
  - url: 'https://api.live.agorapay.com'
    description: Production API AgoraPay
paths:
  /token:
    post:
      parameters:
        - name: grant_type
          description: grant_type
          schema:
            type: string
            enum:
              - client_credentials
          in: query
          required: true
        - name: scope
          description: scope
          schema:
            type: string
            enum:
              - openid
          in: query
          required: true
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/tokenResponse'
          description: 'Token successful.'
        '401':
          description: 'Client authentication failed.'
      security:
        - basicAuth: []
      summary: ask for a token
      description: 'Submit a token request.'
components:
  schemas:
    accessToken:
      description: >-
        The bearer access token. To consume API Agorapay Ressource, the marketplace should send the access_token directly in the Authorization request header.
      type: string
    scope:
      description: >-
        APIM scope.
      type: string
    id_token:
      description: >-
        The marketplace token. To consume API Agorapay Ressource, the marketplace should send the access_token directly in the Authorization request header.
      type: string
    token_type:
      description: >-
        Token type.
      type: string
    expires_in:
      description: >-
        The token validity periods (3600 seconds max).
      type: string
    tokenResponse:
      description: ''
      type: object
      properties:
        accessToken:
          $ref: '#/components/schemas/accessToken'
        scope:
          $ref: '#/components/schemas/scope'
        id_token:
          $ref: '#/components/schemas/id_token'
        token_type:
          $ref: '#/components/schemas/token_type'
        expires_in:
          $ref: '#/components/schemas/expires_in'
      example:
        accessToken: 'd2a9c716-af41-3757-a746-0d29e8e4d70d'
        scope: 'am_application_scope openid'
        id_token: 'eyJ4NXQiOiJNVFptT1daaU1HSTBZVGxpWVRaaE5UWXdOR0kxT0dGbE9UTTVPR1ZpWldZME0yWmlPV1ZtWVEiLCJraWQiOiJNVFptT1daaU1HSTBZVGxpWVRaaE5UWXdOR0kxT0dGbE9UTTVPR1ZpWldZME0yWmlPV1ZtWVEiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoieVlKblkzRzNBVl9rcXdKbXFlSV8xZyIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJhdWQiOlsiTXZRQWJqZkd2NEd6bW9RMjdQdlY2YV9aTUZJYSJdLCJhenAiOiJNdlFBYmpmR3Y0R3ptb1EyN1B2VjZhX1pNRklhIiwiaXNzIjoiaHR0cHM6XC9cL2hvbS1pcy5jYS1jZWRpY2FtLmZyOjk0NDRcL29hdXRoMlwvdG9rZW4iLCJleHAiOjE2MDYxMzgyNDgsImlhdCI6MTYwNjEzNDY0OH0.m9-PFrCS_gTt4Wyjfmxjts163a3w82ItWvZu8iUFeWKXL3eAMXdhkZGfaW-3okbp0DWQ-lMXo4Ea_repzHxQa2D1nwrqjzUpaLVVUJThlNBcx6jY67yk7u7gj6sORfYh_EajmC4uesVqaozYZsWY8ACi676g7aYbUu6fkkjMoKQx9upNn6DI5kbeesYFhppaZOsSJV_S6wlc_8c2HhddAU8vBZMWdkH6FFLwPafOlEeeU3AYDD4R5-UJRX12egASVRQK_CD79hlk_C5SB9jfnfRlAYvuyXwDhT0E3s2EGCoLQqrWK1efH9rOnTpKfRq3gOLP2Qpf08CxZg2g_4sZtw'
        token_type: 'Bearer'
        expires_in: '3600'
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic