Open Payments Authorization Server (1.3.0)

Download OpenAPI specification:

E-mail: tech@interledger.org License: Apache-2.0

Open Payments Authorization Server

The authorization server handles grant requests and access token management for the Open Payments protocol, using GNAP (Grant Negotiation and Authorization Protocol).

Endpoints:

POST / — initiate a grant request
POST /continue/{id} — continue a pending grant request
DELETE /continue/{id} — cancel a pending grant request
POST /token/{id} — rotate an access token
DELETE /token/{id} — revoke an access token

For an overview of how Open Payments authorization works, see the Authorization concepts page.

grant

Grant operations

Grant Request

Make a new grant request

Request Body schema: application/json
required

Any of

required	client (string) or client (object) or client (object) (client)
	object (interact-request) The client instance declares the parameters for interaction methods that it can support using the interact field.
required	object
	object (subject) Information about the subject for which the client is requesting information.

Responses

Request samples

Payload

Content type

application/json

Example

Grant request for creating and reading recurring fixed payment

{"access_token": {"access": [{"type": "outgoing-payment",
"actions": ["create",
"read"
],
"identifier": "https://ilp.interledger-test.dev/alice",
"limits": {"receiver": "https://ilp.interledger-test.dev/incoming-payments/45a0d0ee-26dc-4c66-89e0-01fbf93156f7",
"interval": "R12/2019-08-24T14:15:22Z/P1M",
"debitAmount": {"value": "500",
"assetCode": "USD",
"assetScale": 2
}
}
}
]
},
"client": "https://webmonize.com/.well-known/pay",
"interact": {"start": ["redirect"
],
"finish": {"method": "redirect",
"uri": "https://webmonize.com/return/876FGRD8VC",
"nonce": "4edb2194-dbdf-46bb-9397-d5fd57b7c8a7"
}
}
}

Response samples

200
400
401
500

Content type

application/json

Example

Interaction instructions

{"interact": {"redirect": "https://auth.interledger-test.dev/4CF492MLVMSW9MKMXKHQ",
"finish": "4105340a-05eb-4290-8739-f9e2b463bfa7"
},
"continue": {"access_token": {"value": "33OMUKMKSKU80UPRY5NM"
},
"uri": "https://auth.interledger-test.dev/continue/4CF492MLVMSW9MKMXKHQ",
"wait": 30
}
}

Continuation Request

Continue a grant request during or after user interaction.

Authorizations:

GNAP

path Parameters

id

required

string

The unique reference ID of the grant request continuation.

Request Body schema: application/json

interact_ref

string

The interaction reference generated for this interaction by the AS.

Responses

Request samples

Payload

Content type

application/json

{"interact_ref": "ad82597c-bbfa-4eb0-b72e-328e005b8689"
}

Response samples

200
400
401
404

Content type

application/json

Example

Continuing after a completed interaction (returning access token)

{"access_token": {"value": "OS9M2PMHKUR64TB8N6BW7OZB8CDFONP219RP1LT0",
"manage": "https://auth.interledger-test.dev/token/dd17a202-9982-4ed9-ae31-564947fb6379",
"expires_in": 3600,
"access": [{"type": "outgoing-payment",
"actions": ["create",
"read"
],
"identifier": "https://ilp.interledger-test.dev/alice",
"limits": {"receiver": "https://ilp.interledger-test.dev/bob/incoming-payments/48884225-b393-4872-90de-1b737e2491c2",
"interval": "R12/2019-08-24T14:15:22Z/P1M",
"debitAmount": {"value": "500",
"assetCode": "USD",
"assetScale": 2
}
}
}
]
},
"continue": {"access_token": {"value": "33OMUKMKSKU80UPRY5NM"
},
"uri": "https://auth.interledger-test.dev/continue/4CF492MLVMSW9MKMXKHQ",
"wait": 30
}
}

Cancel Grant

Cancel a grant request or delete a grant client side.

Authorizations:

GNAP

path Parameters

id

required

string

The unique reference ID of the grant request continuation.

Responses

Response samples

401
404

Content type

application/json

Example

Invalid client

{"error": {"description": "string",
"code": "invalid_client"
}
}

token

Token operations

Rotate Access Token

Management endpoint to rotate access token.

Authorizations:

GNAP

path Parameters

id

required

string

The unique reference of the access token to be managed.

Responses

Response samples

200
400
401
404
500

Content type

application/json

{"access_token": {"value": "OZB8CDFONP219RP1LT0OS9M2PMHKUR64TB8N6BW7",
"manage": "https://auth.interledger-test.dev/token/8f69de01-5bf9-4603-91ed-eeca101081f1",
"expires_in": 3600,
"access": [{"type": "outgoing-payment",
"actions": ["create",
"read"
],
"identifier": "https://ilp.interledger-test.dev/alice",
"limits": {"interval": "R12/2019-08-24T14:15:22Z/P1M",
"receiver": "https://ilp.interledger-test.dev/bob/incoming-payments/48884225-b393-4872-90de-1b737e2491c2",
"debitAmount": {"value": "500",
"assetCode": "USD",
"assetScale": 2
}
}
}
]
}
}

Revoke Access Token

Management endpoint to revoke access token.

Authorizations:

GNAP

path Parameters

id

required

string

The unique reference of the access token to be managed.

Responses

Response samples

401
500

Content type

application/json

{"error": {"description": "string",
"code": "invalid_client"
}
}

Open Payments Authorization Server (1.3.0)

grant

Grant Request

Request Body schema: application/jsonrequired

Responses

Request samples

Response samples

Continuation Request

Authorizations:

path Parameters

Request Body schema: application/json

Responses

Request samples

Response samples

Cancel Grant

Authorizations:

path Parameters

Responses

Response samples

token

Rotate Access Token

Authorizations:

path Parameters

Responses

Response samples

Revoke Access Token

Authorizations:

path Parameters

Responses

Response samples

Request Body schema: application/json
required