Getting started

Client credentials

Note: client credentials are used to authenticate the application itself, not a user. This is useful when you want to access your own data. While you can access user data with client credentials, it is not recommended. Instead, use the authorization code flow to authenticate users.

There are several ways how you can authenticate to the Monerium API. In the following example, you will be using a Sandbox version of the system with client credentials which you can use to test and understand how this fits into your platform.

When you sign up to create an application, you will receive a client_id and a client_secret. If you don't have one already, you can follow along by using the sample credentials in the code sandbox at the bottom. Note that there are two different client_id values created for each application. You must use the correct one depending on whether you are using client credentials, or authorization code flow.

Getting an access token

API documentation:
POST /auth/token

Request:

curl 'https://api.monerium.dev/auth/token' \
-d client_id=1234567890abcdef \
-d client_secret=1234567890abcdef1234567890abcdef \
-d grant_type=client_credentials

Response:

{
  access_token: “YOUR-ACCESS-TOKEN”,
  expires_in: 3600,
  refresh_token: "wB9ehsvvRGKWL7onRAhv1g",
  token_type: "Bearer"
}

Getting client context

API documentation:
GET /auth/context

A client can have permission to access multiple profiles by creating applications.

Request:

curl -H 'Authorization: Bearer YOUR-ACCESS-TOKEN'
    'https://api.monerium.dev/auth/context'

Response:

{
  userId: "d92e9039-0773-11ed-8b1f-4a76448b7b21",
  email: "[email protected]",
  name: "[email protected]",
  roles: [],
  auth: {
      method: "password",
      subject: "[email protected]",
      verified: true
  },
  defaultProfile: "d88499e4-0773-11ed-8b1f-4a76448b7b21",
  profiles: [
      // client applications default user:
      {
        id: "d88499e4-0773-11ed-8b1f-4a76448b7b21",
        kind: "personal",
        name: "[email protected]",
        perms: [
            "read",
            "write"
        ]
      }
      // other users that have granted this application access to their data.
  ]
}

Getting profile detail

API documentation:
GET /profiles/{profileId}

Request:

 curl -H 'Authorization: Bearer YOUR-ACCESS-TOKEN'
    'https://api.monerium.dev/profiles/2b3933cf-d7f7-11eb-843f-bad551e4b9a5'

Response:

When connecting a wallet, a profile will obtain accounts for each of the following currencies: EUR, GBP, USD, and ISK for each supported network.

Note that this profile already has an IBAN attached to his Polygon account.

{
  id: "d88499e4-0773-11ed-8b1f-4a76448b7b21",
  name: "[email protected]",
  kyc: {
      state: "absent",
      outcome: "unknown"
  },
  accounts: [
      {
        id: "6da0137e-07a7-11ed-8b1f-4a76448b7b21",
        address: "0xfd47C71B650d3445B657a3a864762b1F907f2041",
        currency: "eur",
        chain: "ethereum",
      },
      // GBP, USD & ISK accounts for Ethereum
      {
        id: "6db0afb6-07a7-11ed-8b1f-4a76448b7b21",
        address: "0xfd47C71B650d3445B657a3a864762b1F907f2041",
        currency: "eur",
        chain: "polygon",
        iban: "FI54 9532 0029 2243 50",
        standard: "iban"
      },
      // GBP, USD & ISK accounts for Polygon
  ]
}

Summary

Claimed an access_token with client credentials.
Retrieve the client's authentication context
Retrieve a single profile.

Example

Click 'Fetch access token'.

What's next?

You've now learned how to authenticate against the API. You can now dig deeper into the documentation and read about different ways to authenticate and authorize, learn how to place and retrieve orders, and more.

Create app

Authorization

Getting started

Client credentials

Getting an access token

Request:

Response:

Getting client context

Request:

Response:

Getting profile detail

Request:

Response:

Summary

Example

What's next?

Documentation