This section contains detailed information about the API access token with the SNAP standard used for payment transactions and transaction status checks. The access token must be included in the Authorization header for every transaction sent to API Management. Authentication is valid for 15 minutes; otherwise, you will need to request a new Access Token.
| Path | /ordersnap/api/v1.0/access-token/b2b |
| HTTP Method | POST |
| Version | v1.0 |
| Service Code | 73 |
Request Header
| Field Name | Field Type | Field Description |
|---|---|---|
| Content-Type | String (Required) | Type of the content. |
| X-TIMESTAMP | String (Required) | Using ISO 8601 as timestamp format. Transaction date time, in format YYYYMMDDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time). |
| X-SIGNATURE | String (Required) | Created using asymmetric signature SHA256withRSA algorithm. |
| X-CLIENT-KEY | String (Required) | Client’s client_id (given at the completion registration process) |
Content-type : application/json
X-TIMESTAMP : 2025-07-06T14:12:50+07:00
X-SIGNATURE : neGbHoFVY1d7EtG8Z6VBWwykvyqIkg
X-CLIENT-KEY : PaycloudSnap
Request Body
| Field Name | Field Type | Field Description |
|---|---|---|
| grantType | String (Required) | client_credentials: The client can request an access token using only its client credentials. |
| additionalInfo | Object (Optional) | Additional Information |
{
"grantType": "client_credentials",
"additionalInfo": {}
}
Response Body
| Field Name | Field Type | Field Description |
|---|---|---|
| accessToken | String (Conditional) | A string representing an authorization issued to the client that used to access protected resources. Will only be returned if API call is successful. |
| additionalInfo | String (Conditional) | Addtional Info. |
| expiresIn | String (Conditional) | Time duration when the accessToken will expire. (default = 900 second). Will only be returned if API call is successful. |
| responseCode | String (Required) | Debug message to provide more information. |
| responseMessage | String (Required) | Debug message to provide more information. |
| tokenType | String (Conditional) | The access token type provides the client with the information required to successfully utilize the access token to make a protected resource request. Will only be returned if API call is successful. |
{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJhN2UzMmI3MC1hMWY2LTQyYmUtODM1NS1mZWU2MTAyODk3MjQiLCJjbGllbnRJZCI6IjIwMjAwMDIxNSIsIm5iZiI6MTcxOTQ3NjI3MywiZXhwIjoxNzE5NDc3MTczLCJpYXQiOjE3MTk0NzYyNzN9.uqvcrZaFnY2dmV16K9785xII_fby_uugeimUWJBvSYE",
"additionalInfo": {},
"expiresIn": "900",
"responseCode": "2007300",
"responseMessage": "Successful",
"tokenType": "Bearer"
}
List Response Code
| Response Code | HTTP Status | Description |
|---|---|---|
| 2007300 | 200 | Successful |
| 4007302 | 400 | Invalid Signature |
| 5007300 | 500 | Internal Server Error |