Connecting existing merchants

Before you can generate and send Quick Bills for your customers (who are already AffiniPay merchants), you must get their permission and then connect to AffiniPay. You will:

  1. Configure your partner OAuth application.
  2. Request an access token so you can access account details on behalf of your customer.

1: Configure your partner OAuth application

To configure your partner OAuth application:

  1. Log in to the web application that corresponds to the product you’re integrating into your application.
  2. In the web application, click your name in the top-right corner and click Developers. (This part of the web application is available only to users with the Administrator or Developer role and to the merchant owner.)

  3. The My Partner Applications section on the right lists your partner OAuth applications. Locate the partner OAuth application that corresponds to your application and click Edit.
    app Note: If you don’t see any partner OAuth applications, ask AffiniPay Support to create one for you.
  4. Set the application name. This is the name your customers see when they authorize your partner OAuth application to interact with their AffiniPay, LawPay, or CPACharge account.
  5. Ensure that OAuth Enabled is selected. OAuth is required for all integrations. Do not uncheck this checkbox.
  6. Set the Redirect URI. Per the OAuth 2.0 specification, the Redirect URI is the URI to which the AffiniPay, LawPay, or CPACharge web application will redirect after successful authorization. Your web server must handle redirects to this URI.

2: Request an access token

You must get permission from your users to perform transactions on their behalf, using the OAuth 2.0 authorization code flow. Here’s a high-level description of this flow:

  1. In your application, a user (who is an AffiniPay, LawPay, or CPACharge merchant) clicks a Connect button.
  2. The user’s browser is redirected to a page that prompts the user to give your application access to the user's AffiniPay, LawPay, or CPACharge merchant account.

  3. After your application is granted access, the user's browser is redirected to your web server, with a URL that includes an authorization code.
  4. Your application requests an access token in exchange for the authorization code.
  5. Your application receives an access token.

Configure your OAuth client library

Download an OAuth client library (such as one of these https://oauth.net/code/) and configure it using the following values:

Your OAuth client library will help you run the OAuth flows.

Obtain and format a Connect button

Add a button to your application that merchants will click to initiate the authorization code flow. The button must include:

For example:

Connect with AffiniPay

Connect with LawPay

Connect with CPACharge

Start the authentication flow

Your client OAuth library should provide a convenient method for initiating the authorization code flow.

When a user clicks the button, the user’s browser should link to the URL for authorization redirects:

This link must also include the following parameters:

For example:

<a href=”https://secure.affinipay.com/oauth/authorize?redirect_uri=https://my.partner.redirect.domain/oauth/callback&client_id=f3ebce5fb8d5e0d4d8339d1058d11a8e0997c9943ccbd517c6dce33ab8bbdcc6 &scope=payments&response_type=code”>Connect with AffiniPay</a>

Note: This example is for connecting with AffiniPay. To connect with LawPay or CPACharge, be sure to use the correct authorization redirects URL in the request.

The AffiniPay, LawPay, or CPACharge web application will respond by redirecting first to the AffiniPay, LawPay, or CPACharge login screen to authenticate the merchant and solicit their permission to grant you access to their account. Following successful authentication and customer approval for access, the AffiniPay, LawPay, or CPACharge web application will redirect to the specified redirect URL with an OAuth2 authorization code. The URL will be formatted as <partner-redirect-url>?code=<authorization-code>.

Listen for an authorization code

After the user logs in through AffiniPay, LawPay, or CPACharge and authorizes your partner OAuth application, the Authentication API sends an authorization_code to the Redirect URI you specified in your partner OAuth application in the following format: <partner-redirect-url>?code=<authorization-code>. You must configure your server to listen for this authorization code.

Request an access token

Your application server needs to use the <authorization_code> to request an <access_token>. Your OAuth client library should provide a convenient way to send a POST request with the following parameters to the https://api.affinipay.com/oauth/token endpoint:

Example request
curl -X POST -H "Content-Type:application/json" https://api.affinipay.com/oauth/token -d '
{
  "client_id":"Y4QLWPO6wZag2ia8Abw7nbeLUAOgebDlfZGF1KyzgBaqAllzMtYFfP58jRxg5rp5",
  "client_secret":"4EG357enIs4m2SWKi9yfC3fQzIeOZmBTWr96ay47tqN4GUtRPYrWwxwCxwlZJbiC",
  "grant_type":"authorization_code",
  "redirect_uri":"https://my.partner.redirect.domain/oauth/callback",
  "code":"EiKvFkJu6rcFwOMWSqW8bWIng6EMFVD93duwn1QhgQKDvmpbA97zWFN2AfC5052R"
}'
Example response
{
  "access_token":"Msp2VL7SEGbLxT8UBWww7WUy33hLsg5Yhf5fFu8znSpPh2BbBMvXPyQkZx5TtWHd",
  "token_type":"bearer",
  "created_at":1464986958
}

Next step

Next, you’ll create a Quick Bill.