POSTAccess Token API
Use Case
This API is used to obtain the security token named as Access token which can be further used in subsequent API calls to retrieve the read only data.
Query Params
| ATTRIBUTE | DESCRIPTION |
|---|---|
|
mid string |
Paytm provides MID as a unique identifier to each merchant. For your staging MID, click here. You get the production MID post the account activation. Example: INTEGR7769XXXXXX9383 |
|
referenceId string |
This is the unique reference id corresponding to a request and it's value should be different for new requests. |
Request Attributes
Head
| Attribute | Description |
|---|---|
version string optional | Version of the API. Example: v1 |
requestTimestamp string optional | EPOCH timestamp of the time at which request is being sent. |
tokenType string mandatory | Authorization method for this request. Possible values:
CHECKSUM
To be used in case authentication is done using CHECKSUM.
|
token string mandatory | Authorization string corresponding to the tokenType used. Example: 739816707d7444XXXXXXXX6cb4264d0a1590145379323 |
Body
| Attribute | Description |
|---|---|
mid string mandatory | Paytm provides MID as a unique identifier to each merchant. For your staging MID, click here. You get the production MID post the account activation. Example: INTEGR7769XXXXXX9383 |
referenceId string mandatory | This is a unique reference id corresponding to a request and its value should be different for new requests. |
paytmSsoToken string conditional | This is a unique token linked with Paytm user's account. Note: It becomes mandatory if Fetch Payment Options API is to be hit for getting paytm user's saved instruments. Example: eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..xxxxxxxxxxx.9iHTtWbCZ0I6qbn2sUnyz5siw1fqbmtEnFMFE7nSIX-yrwCkiGfAC6QmPr9q-tw8LMPOh5-3UXRbpeVZEupQd3wNyaArWybRX2HAxJDRD8mxJ_wxzJM6GZ1ov4O3EIsx2Y_Zr0aHCd3VbnTjRUnlVdxXJPFG8QZs0b_2TVdoAX3_QjZS8_dwcmIWoH8ebDzOIs7MJacETfMtyFGAo8Xc0LjznToUWvTsTbIXQoF1yB0.1fZFAYJVsY61BTv2htLcXQ8800 |
cardPreAuthType string optional | The type of Pre-Auth flow - Standard/Delayed that is to be used for the transaction. This will be used as context in subsequent API calls. Example :
STANDARD_AUTH : This pre-auth flow involves blocking of amount in the customer’s account to be captured/released at a later stage.
DELAYED_AUTH : This flow involves no blocking of amount but only the authorization for this transaction is done at a later stage. Note: This parameter is applicable for only Pre-auth flow on cards. |
preAuthBlockSeconds string optional | The max period (in seconds) for which the merchant wants to block the amount in the customer's account. This will be used as context in subsequent API calls. Example : 12321 Note: This parameter is applicable for only Pre-auth flow. |
Response Attributes
Head
| Attribute | Description |
|---|---|
version string | Version of the API passed in the request. |
responseTimestamp string | EPOCH timestamp of the time at which response is being sent. |
Body
| Attribute | Description | ||||||||
|---|---|---|---|---|---|---|---|---|---|
resultInfo object | This parameter gives the information about the result of the API response | ||||||||
ResultInfo +
| |||||||||
extraParamsMap object | Map for any extra information (in case of error). | ||||||||
accessToken string | Unique Access Token generated in reponse of the this API and is used for subsequent API calls. It is valid for 30 minutes. | ||||||||
Response Codes & Messages
| resultCode | resultStatus | resultMsg |
|---|---|---|
| 0000 | S | Success |
| 1001 | F | Request parameters are not valid |
| 2005 | F | Checksum provided is invalid |
| 2006 | F | Invalid MID |
| 9999 | F | Something went wrong |
| 00000900 | U | System error |
curl -X POST 'https://securegw-stage.paytm.in/theia/api/v1/token/create?mid={mid}&referenceId=ref_987654321' \
--header 'Content-Type: application/json' \
--data '{"head":{"tokenType":"CHECKSUM","token":"{checksum}"},"body":{"mid":"{mid}","referenceId":"ref_987654321","cardPreAuthType":"STANDARD_AUTH","preAuthBlockSeconds":12321}}'
