riverty logo


Generate Token

Tokens can be easily generated via a simple API call. The request to the token exchange should contain 4 key value pairs in the request body:

  1. client_id: Riverty's Recurring Payments client id
  2. client_secret: Your client secret
  3. audience: The audience defines which endpoints the token is to be used. Should always be set to https://api.horizonafs.io
  4. grant_type: Is the method your application can gain the access token. Should always be set to client_credentials

The request should be sent using the header:
Content-Type: application/x-www-form-urlencoded

The key-value pair should be in a string, with "=" between the key and value. Each key-value pair should be separated with "&".

Token Exchange Example Request


The response body contains 4 properties:
access_token: is the JWT token which holds all of your privileges and access rights. Be sure to keep it secure and away from publicly accessible areas as GitHub or client side code
scope: is the permissions and access rights of the token
expires_in: is how long the JWT is valid for in seconds
token_type: is what kind of token the token is. In our responses it is specified Bearer which indicates that that you authenticate with a bearer token, "

Example Response

 "access_token": "eyJh...",
 "scope": "read_userprofile fullcontrol:user",
 "expires_in": 86400,
 "token_type": "Bearer"

Every call to our API requires an access token in order to be authorized and API requests are rejected if plain HTTP is used. HTTPS is required.

Example Request with Token

curl -X 'GET' \
  'https://api.riverty.io/subscription/v1/clients/your-client-id/subscriptions/subscription-id-1' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer eyJh...'