After contacting our partnerships team at Funding Options, you should have been issued with a username and password. These can be used to call the token endpoint and retrieve the authentication token.
As seen in the image below, the token will need adding to a header for any subsequent calls made to the Lender API. Without the token you will be returned a 401 Unauthorized response. You may receive a 403 Forbidden if the token is invalid or expired.
The intention is for tokens to be used until they reach expiry, which can be taken from the token endpoints response.
We only require the username and password in the API request. The other fields form part of the OAuth2 specification but will be ignored.
Once you've received your access_token in the response, the Authorization header should be set with the token_type when making calls to the Lender API.
For example, if your access_token was kqZnSUrszxEl7uuhQMxkiQ== and the token_type of Bearer, the header would be set as following:
Authorization: Bearer kqZnSUrszxEl7uuhQMxkiQ==
Our default tokens expiry is
30 minutesbut this is subject to change. Please use the response of theauthcall to determine the expiry. Limitation may be imposed on the number of active tokens you request, so please ensure the token is persisted between API calls while still active.