GuidesAPI ReferenceWebhooksPluginsReceipt ScannerEnvironmental ImpactIssuer Receipt API
API Reference
Start typing to search…

Issuer Receipt API - Authentication

Authentication

Note: This authentication guide applies specifically to the OpenCard Issuer Receipt API. For other OpenCard APIs, please refer to their respective authentication documentation.

Overview

The OpenCard Issuer Receipt API uses Bearer token authentication to secure all API endpoints and ensure that only authorized payment providers and issuing partners can access digital receipt services. This authentication system provides secure access to transaction data and receipt management capabilities for qualified partners.

Getting Your API Key

To obtain API credentials for the OpenCard Issuer Receipt API, you must have a valid partner agreement in place with OpenCard. Contact our support team at [email protected] to get started.

Authentication Method

All Issuer Receipt API requests must include a valid Bearer token in the Authorization header:

Authorization: Bearer YOUR_API_TOKEN

Making Authenticated Requests

HTTP Header Format

Include your Bearer token in the Authorization header of every API request to the Receipt API:

curl -X GET "https://receipts.opencard.io/api/v1/marcet/callbackrequests" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Code Examples

curl -X GET "https://receipts.opencard.io/api/v1/marcet/callbackrequests" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Security Best Practices

Keep Your Tokens Secure
  • Store your API tokens securely and never expose them in client-side code
  • Use environment variables or secure configuration management
  • Rotate your tokens periodically for enhanced security
  • Never commit API keys to version control systems
HTTPS Only
  • All API requests must be made over HTTPS
  • HTTP requests will be rejected to protect your data in transit
  • The Receipt API endpoint uses SSL/TLS encryption
Token Scoping
  • Your API token will have specific scopes based on your payment provider integration needs
  • Receipt API tokens are separate from other OpenCard API credentials
  • Contact support if you need additional permissions or scope changes

Error Responses

If authentication fails, you'll receive one of these error responses:

Status CodeDescriptionAction Required
401Unauthenticated - Missing or invalid tokenCheck your Authorization header and token validity
403Access denied - Insufficient permissionsContact support for scope changes or verify your integration type

Need Help?

If you encounter any authentication issues or need assistance with the Issuer Receipt API:

  • Email: [email protected]
  • Include: Error messages, request details, and your specific Receipt API use case

Our support team is here to help you integrate with the OpenCard digital receipt services quickly and securely.