Authentication

Zilla uses HTTP Basic Auth for authentication. A Bearer token is generated using your "publicKey" and "secretKey".

Note: A valid token is required to authenticate all API calls.

You probably have these credentials already, otherwise, you can get them on your merchant dashboard.

• Go to the Settings page and tap on the API & Webhook tab to view your API & Webhook configuration credentials.
• If your Webhook setup has not been enabled, click on the "Enable API setup" button and your credentials will be generated for you.

You also need to update the webhook URL from the API & Webhook tab on your merchant dashboard to your webhook URL so we can effectively update you on the status of your transactions.

Here's the Zilla API to generate an authentication token:

<aside> 🔑 ${baseUrl}/bnpl/auth/sa **POST**

</aside>

curl --location --request POST '${baseUrl}/bnpl/auth/sa' 
-H "Authorization: Bearer TOKEN" 
-H "Content-Type: application/json"
--data-raw '{
    "publicKey": "44c84c0482c05f5687005af9fb985a8e477fb3af49ba1a81148d5fe06b349a           7a",
    "secretKey": "f1589d81ed7511395e88095277b5e2450f219879a4c9c3ecbfbbf7de63e0aa87"
}'

Parameters

Below is a sample response of successful authentication. The token, as highlighted must be used to authenticate all API calls. You must generate a new token after the current one expires to proceed.

{
    "message": "Success",
    "errorCode": null,
    "data": {
        "token": **"eyJ0eXAiOiJKV1MiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJhdXRoLXNlcnZlciIsImlhdCI6MTYzNTI1OTcyMSwic3ViIjoiYzRkY2U4NTUtNjU5My00OGYwLWJiNDktMWJmYTMxMWFiN2MyIiwiZXhwIjoxNjM1MjY2OTIxLCJhY2NvdW50U3RhdHVzIjoiQUNUSVZFIiwicHJpbmNpcGFsVHlwZSI6IlNFUlZJQ0VfQUNDT1VOVCJ9.eQOc2Vr6-IOSIJhcyAZwHOzDx7B736IhVW7oWecwPNTdg5G4ggHDPe7i7xFVq3HrWlTc1MRQjf8w9cHvzjLKRw"**,
        "tokenExpireAt": "2021-10-26T16:48:41.138888Z",
        "tokenExpiryMinutes": 119
    },
    "meta": null
}