Getting started with AP+ Bridge
Everyone has their own way of doing things, so once we kick things off, we'll team up to create a plan that's just right for you. For now, why not check out what AP+ Bridge has to offer and how it fits your business needs. Let’s get you onboarded sooner!
Onboarding Overview
Here's a rundown of what happens during onboarding:
Throughout the process, you'll have your own Integration Manager and tech support from our customer delivery team, all working closely together to assist your integration.
| Activity | Non-Technical | Technical |
|---|---|---|
| Contact us to kick start your implementation project with our Partnerships Team | ✅ | ✅ |
| Nominate representatives within your company as primary and secondary business and technical liaisons | ✅ | ✅ |
| Prerequisite Assessment (Environments, Compliance, Risk, Auditing and Security) | ✅ | ✅ |
| Discovery Sessions: Business Outcomes, Milestones and Co-Marketing Strategy | ✅ | |
| Discovery Session: Technical Deep Dive | ✅ | |
| Sandbox/Testing environment access | ✅ | |
| Sandbox/Testing review (certification) | ✅ | |
| Production environment access | ✅ | |
| Production Pilot implementation | ✅ | |
| Production Launch | ✅ | |
| Project Retrospective | ✅ | ✅ |
1️⃣ Authentication
To get started you need to perform an OAuth 2.0 Client Credentials Grant flow.
Your Integration Manager will provide your OAuth 2.0 client credentials (ie. Client ID and Client Secret) during onboarding.
Encode to Base64 format
Concatenate your Client ID and Client Secret by encoding them to Base64 format. This ensures your credentials are suitable for transport.
For example, using base64 CLI is:
$ echo -n "my_client_id:my_client_secret" | base64
am9ldXNlcjpzZWNyZXRwYXNzRequest access token
Request an access token to use in subsequent API calls. Take the Base64 encoded output and perform the following operation:
Request example
curl -X 'POST' \
'https://sanbox.api.opapi.au/v2/token' \
-H 'accept: application/json' \
-H 'Authorization: Basic am9ldXNlcjpzZWNyZXRwYXNz' \Response example
{
"access_token": "IVBRZmE9d05ONyFyMw==",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "FKWSOIZmE9d05ONyFyMw=="
}NOTE: An access token must be obtained at least every 60 minutes
Request access token using refresh token
Request example
curl -X 'POST' \
'https://sandbox.api.opapi.au/v2/token/refresh' \
-H 'accept: application/json' \
-H 'Authorization: Bearer IVBRZmE9d05ONyFyMw==\
-H 'Content-Type: application/json' \
-d '{
"refresh_token": "FKWSOIZmE9d05ONyFyMw=="
}'2️⃣ Host Server
You will need to host your own server to receive real-time data sent using webhooks from our AP+ Bridge ecosystem, verify the requests, process, and trigger actions accordingly to enhance the overall consumer experience.
3️⃣ Switch to Issuer (S2I) and Switch to Acquirer (S2A)
Route QR initiated payment transactions for authorisations using S2I and S2A:
- S2I - Less development overhead for acquirers, with less extensive integration surrounding supporting fast notifications from schemes.
- S2A - Greater control and authorisation visibility, which may be preferred by some acquirers.
Reach out to your Integration Manager during the onboarding process to discuss the best option for your implementation.
4️⃣ API references
Get to know our AP+ Bridge APIs: