Quick Start

Get up and running with Paylent by registering an OAuth client and issuing an access token.

Prerequisites

A Paylent account with at least one environment
Access to the Management API (via your environment’s subdomain)

Register an OAuth client

Create a confidential client with client credentials grant enabled:

curl -X POST https://acme-test.paylent.com/api/clients \
  -H "Content-Type: application/vnd.api+json" \
  -d '{
    "data": {
      "type": "client",
      "attributes": {
        "name": "My Backend Service",
        "client_type": "confidential",
        "redirect_uris": ["https://myapp.example.com/callback"],
        "grant_types": ["client_credentials", "authorization_code"]
      }
    }
  }'

The response includes your client_id and client_secret. Store the secret securely — it cannot be retrieved again.

Generate a signing key

Your environment needs at least one active signing key to issue JWTs:

curl -X POST https://acme-test.paylent.com/api/signing-keys \
  -H "Content-Type: application/vnd.api+json" \
  -d '{
    "data": {
      "type": "signing_key",
      "attributes": {
        "algorithm": "rs256"
      }
    }
  }'

Issue an access token

Use the client credentials grant to get an access token:

curl -X POST https://acme-test.paylent.com/oauth/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -u "CLIENT_ID:CLIENT_SECRET" \
  -d "grant_type=client_credentials"

Response:

{
  "access_token": "eyJhbGciOiJSUzI1NiIs...",
  "token_type": "Bearer",
  "expires_in": 3600
}

Verify the token

Introspect the token to confirm it’s valid:

curl -X POST https://acme-test.paylent.com/oauth/introspect \
  -u "CLIENT_ID:CLIENT_SECRET" \
  -d "token=eyJhbGciOiJSUzI1NiIs..."

What’s Next?

Authentication — Understand the OAuth2 flows, session management, and JWT structure
Users & Roles — Set up RBAC for your users
API Reference — Full endpoint documentation