Authentication

OAuth Authentication In order to interact with the Moota API, you or your application must authenticate.

The Moota API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account in full or in read-only mode.

You can generate an OAuth token by visiting the Apps & API section of the Moota control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

How to Authenticate with OAuth #

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

Content-t.ype and Accept Header #

Moota API uses JSON format for both input and output, therefore it is required to specify JSON as content type & accept JSON as response. The header specifications are as below.

HTTP(s) HeaderTypeDescription
Content-Typeapplication/jsonIt indicates that JSON format will be used in the request. Moota API accepts JSON requests.
Acceptapplication/jsonIt indicates that JSON format is acceptable as response for the request. Midtrans API responds back in JSON.
AuthorizationBearerThe Authorization field in Bearer Auth format, Server Key is used as username, and the password is blank.

Authenticate with a Bearer Authorization Header]

curl -X $HTTP_METHOD -H "Authorization: Bearer <secret_token>" "https://app.moota.co/v2/$OBJECT"

Get Access Token