
Authentication V2

Every request in the API Transaction must be authenticated. PaDi UMKM Open API uses two authentication methods:

  1. Basic Authentication
  2. OAuth Token Authentication

Guide

This guide explains the steps you, as a user, need to take to integrate the Open API using bearer token authorization. This token is obtained through the Login API using Basic Authentication. This process will ensure that only authorized applications can access protected resources. The obtained token will expire in 24 hours but can be renewed using the Refresh Token API.

In this process, you will perform three main steps:

  1. Create an Access Token: Use credentials to get an access token.

  2. Use Access Tokens to Access Resources: Access protected APIs using access tokens.

  3. Update Access Token Using Refresh Token: Renew an expired access token using the Refresh Token.

Each step will be explained in detail to ensure the process runs smoothly and safely.

Step 1: Create an Access Token

To create an access token, you need to send a request to the Login API using the credentials provided by the Admin (access_key, access_secret, and url). This request will be authenticated using Basic Authentication and must include the credentials in the request body.

Login

Type: REST
Method: POST
URL: {{base_url}}/api/v2/bumn/bumn-auth/login
Authorization: Basic
Description: This API is used to generate a JWT token.
Environment: Core (Open API) Service

Request

Type: BODY JSON
Param: access_key
  • string
  • mandatory

This credential key is obtained from the Admin Dashboard website.

Sample data (valid): d748659236d440c3ef7d4bb6b3de1c62be6fc0ffb38910bdca4e1d1fd4a722f9
Sample data (not valid): NULL

Type: BODY JSON
Param: access_secret
  • string
  • mandatory

This credential secret is obtained from the Admin Dashboard website.

Sample data (valid): 2ce6d2c3aefd3f156e346cfe7f07ad72d7fd619f8a001222cb725764e0da3144
Sample data (not valid): NULL

Request Example
Payload
{
"access_key": "d74865****fb3891****4a722f9",
"access_secret": "2ce6d2c3*****7ad72d7fd*****b72576*****144"
}

Response

Success Example
Status: 200
Payload:
{
"status": "success",
"data": {
"data": {
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2Nlc3Nfa2V5IjoiZDc0ODY1OTIzNmQ0NDBjM2VmN2Q0YmI2YjNkZTFjNjJiZTZmYzBmZmIzODkxMGJkY2E0ZTFkMWZkNGE3MjJmOSIsImFwcF9rZXkiOiI2MmE3MDc5MDMxYmZlN2EzNjQ2NDQyNzMiLCJleHAiOjE3MjA2OTkzMDZ9.8ZcyaDoJG-vaoIG5jOunOd7Rl1rR95dzdprTKCkn4vw",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2Nlc3Nfa2V5IjoiZDc0ODY1OTIzNmQ0NDBjM2VmN2Q0YmI2YjNkZTFjNjJiZTZmYzBmZmIzODkxMGJkY2E0ZTFkMWZkNGE3MjJmOSIsImFwcF9rZXkiOiI2MmE3MDc5MDMxYmZlN2EzNjQ2NDQyNzMiLCJleHAiOjE3MjAxODA5MDZ9.cdDiTav1qYnxN0hpxdTXvhEb9dmakgw39IbGQPkuRTU"
}
},
"message": "ok"
}
Params and Description
status
  Data Type: STRING

Status of the request delivered to server.

Available value:
* "success"
* "error"
data
  Data Type: OBJECT

Data transmitted by response.
data.data
  Data Type: OBJECT

Data transmitted by response.
data.data.refresh_token
  Data Type: STRING

Generated refresh token (JWT).
Expires in 7 days.
data.data.token
  Data Type: STRING

Generated JWT for API requests that use Bearer authentication.
Expires in 24 hours.
message
  Data Type: STRING

Description and/or details message of the status.

Available Value:
"ok" or an error message for the trapped condition

Error Example
Status: 404
Payload:
{
"message": "Data Not Found!",
"status": "error"
}
Status: 500
Payload:
{
"message": "Status not found or not a string",
"status": "error"
}

Step 2: Use Access Tokens to Access Resources

Once you have the access token, you can use it to call the APIs listed under [API Docs] Marketplace (Only), which are protected by the Login API. Make sure you include the access token in the request header as a Bearer Token.


Step 3: Update Access Token Using Refresh Token

The access token you received in the first step will expire after 24 hours. To renew the access token without having to repeat the login process, you can use the refresh token received earlier. The refresh token will expire after 7 days.

Refresh Token

Type: REST
Method: POST
URL: {{base_url}}/api/v2/bumn/bumn-auth/refresh-token
Authorization: Basic
Description: This API is used to refresh the token obtained from Login BUMN.
Environment: Core (Open API) Service

Request

Type: BODY JSON
Param: refresh_token
  • string
  • mandatory

This token is obtained from the Login API response.

Sample data (valid): eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2Nlc3Nfa2V5IjoiZDc0ODY1OTIzNmQ0NDBjM2VmN2Q0YmI2YjNkZTFjNjJiZTZmYzBmZmIzODkxMGJkY2E0ZTFkMWZkNGE3MjJmOSIsImV4cCI6MTcxOTU2MTQ2MH0.AYlf_0fZyeZNQ18c5daly1pcRAIVLPvroR4KBVyP2C8
Sample data (not valid): NULL

Request Example
Payload
{
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2Nlc3Nfa2V5IjoiZDc0ODY1OTIzNmQ0NDBjM2VmN2Q0YmI2YjNkZTFjNjJiZTZmYzBmZmIzODkxMGJkY2E0ZTFkMWZkNGE3MjJmOSIsImV4cCI6MTcxOTU2MTQ2MH0.AYlf_0fZyeZNQ18c5daly1pcRAIVLPvroR4KBVyP2C8"
}

Response

Success Example
Status: 200
Payload:
{
"status": "success",
"data": {
"data": {
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2Nlc3Nfa2V5IjoiZDc0ODY1OTIzNmQ0NDBjM2VmN2Q0YmI2YjNkZTFjNjJiZTZmYzBmZmIzODkxMGJkY2E0ZTFkMWZkNGE3MjJmOSIsImFwcF9rZXkiOiI2MmE3MDc5MDMxYmZlN2EzNjQ2NDQyNzMiLCJleHAiOjE3MjA2OTkzMDZ9.8ZcyaDoJG-vaoIG5jOunOd7Rl1rR95dzdprTKCkn4vw",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2Nlc3Nfa2V5IjoiZDc0ODY1OTIzNmQ0NDBjM2VmN2Q0YmI2YjNkZTFjNjJiZTZmYzBmZmIzODkxMGJkY2E0ZTFkMWZkNGE3MjJmOSIsImFwcF9rZXkiOiI2MmE3MDc5MDMxYmZlN2EzNjQ2NDQyNzMiLCJleHAiOjE3MjAxODA5MDZ9.cdDiTav1qYnxN0hpxdTXvhEb9dmakgw39IbGQPkuRTU"
}
},
"message": "ok"
}
Params and Description
status
  Data Type: STRING

Status of the request delivered to server.

Available value:
* "success"
* "error"
data
  Data Type: OBJECT

Data transmitted by response.
data.data
  Data Type: OBJECT

Data transmitted by response.
data.data.refresh_token
  Data Type: STRING

Generated refresh token (JWT).
Expires in 7 days.
data.data.token
  Data Type: STRING

Generated JWT for API requests that use Bearer authentication.
Expires in 24 hours.
message
  Data Type: STRING

Description and/or details message of the status.

Available Value:
"ok" or an error message for the trapped condition

Error Example
Status: 403
Payload:
{
"message": "invalid refresh token",
"status": "error"
}
Status: 500
Payload:
{
"message": "Status not found or not a string",
"status": "error"
}
Params and Description
status
  Data Type: STRING

Status of the request delivered to server.

Available value:
* "success"
* "error"
message
  Data Type: STRING

Description message for the occurring error
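
The three steps above combined into one client-side token manager, as an added example that is not part of the PaDi UMKM documentation or code. It assumes the Basic credentials are access_key:access_secret (the page does not state what they are); jwt_exp, http_post, TokenManager and the skew parameter are hypothetical names.

```python
import base64, json, time, urllib.error, urllib.request

LOGIN = "/api/v2/bumn/bumn-auth/login"
REFRESH = "/api/v2/bumn/bumn-auth/refresh-token"

def jwt_exp(token):
    """Read the JWT exp claim (Unix seconds) for scheduling only; nothing is verified."""
    seg = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))["exp"]

def http_post(base_url):  # returns post(path, headers, body) -> (status, json)
    if not base_url.startswith("https://"):
        raise ValueError("Basic credentials and tokens must only travel over TLS")
    def post(path, headers, body):
        req = urllib.request.Request(base_url + path, json.dumps(body).encode(),
                                     {"Content-Type": "application/json", **headers})
        try:
            with urllib.request.urlopen(req, timeout=10) as r:
                return r.status, json.load(r)
        except urllib.error.HTTPError as e:
            return e.code, json.load(e)
    return post

class TokenManager:
    def __init__(self, post, access_key, access_secret, skew=60, now=time.time):
        self._post, self._skew, self._now = post, skew, now
        self._creds = {"access_key": access_key, "access_secret": access_secret}
        # Assumption: the Basic credentials are access_key:access_secret.
        pair = base64.b64encode(f"{access_key}:{access_secret}".encode()).decode()
        self._basic = {"Authorization": "Basic " + pair}
        self._token = self._refresh = None

    def _fresh(self, tok):
        return tok is not None and jwt_exp(tok) - self._skew > self._now()

    def _call(self, path, body):
        status, resp = self._post(path, self._basic, body)
        self._err = f"HTTP {status}: {resp.get('message')}"  # never echoes secrets
        if status != 200 or resp.get("status") != "success":
            return False
        self._token, self._refresh = (resp["data"]["data"][k] for k in ("token", "refresh_token"))
        return True

    def bearer_header(self):
        if not self._fresh(self._token):  # Step 3 first, Step 1 as the fallback
            ok = self._fresh(self._refresh) and self._call(REFRESH, {"refresh_token": self._refresh})
            if not ok and not self._call(LOGIN, self._creds):  # refresh missing, expired or rejected
                raise PermissionError(self._err)
        return {"Authorization": "Bearer " + self._token}
```

For a live call, pass http_post(base_url) as the post argument and send bearer_header() with each Step 2 request; load access_secret from a secret store rather than source code.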