Javascript-API - Session endpoint

Target audience: Developers

Introduction

This section describes the Payway Javascript API Session endpoint. This is intended for users whose implementation dont leverage the standard JS API implementation.

URI

Environment URI
Stage https://payway-api.stage.adeprimo.se/js/v2/session
Production https://backend.worldoftulo.com/js/v2/session

Requirements

  • Origin header. This is set automatically during CORS requests by the browser.
  • Allowed origin configured for API user in PAP.

Parameters

Field Required Type Description
Origin Required Header Origin header. This is set automatically during CORS requests by the browser
client_id Required String The client id for the API user
client_fields Optional String Comma separated
fields Optional String Comma separated

Response

Example response

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
{
    "iat": 1589878574,
    "nbf": 1589878274,
    "exp": 1589878874,
    "iss": "Tulo",
    "aud": "http://testing.com/",
    "prn": "5ec39f2e09c04c1e779905e9",
    "session": {
      "active": true,
      "verified": false,
      "sid": "id",
      "id": "5ec39f2e09c04c1e779905e9",
      "contact_email": "N/A",
      "display_name": "N/A",
      "has_offers": false
    },
    "signature": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1ODk4Nzg1NzQsIm5iZiI6MTU4OTg3ODI3NCwiZXhwIjoxNTg5ODc4ODc0LCJpc3MiOiJUdWxvIiwiYXVkIjoiaHR0cDovL3Rlc3RpbmcuY29tLyIsInBybiI6IjVlYzM5ZjJlMDljMDRjMWU3Nzk5MDVlOSIsInNlc3Npb24iOnsiYWN0aXZlIjp0cnVlLCJ2ZXJpZmllZCI6ZmFsc2UsInNpZCI6ImlkIiwiaWQiOiI1ZWMzOWYyZTA5YzA0YzFlNzc5OTA1ZTkiLCJjb250YWN0X2VtYWlsIjoiTi9BIiwiZGlzcGxheV9uYW1lIjoiTi9BIiwiaGFzX29mZmVycyI6ZmFsc2V9fQ.AjbZjF31Dz44g131NO647OKctNks3uJvruChuG0fPlI"
  }

Errors

Origin not allowed
1
2
3
4
{
  "status": "error",
  "message": "Forbidden"
}
Origin not set
1
2
3
4
5
6
{
  "status": "error",
  "code": "required_field",
  "field": "HTTP_ORIGIN",
  "message": "HTTP_ORIGIN required"
}