Merchant login request

Authenticate merchant and receive access token and refresh token.

Token Lifetime: Access token expires in 15 minutes (900 seconds)

Usage: Save both access_token and refresh_token from the response. Use the access token in the Authorization header as Bearer <access_token> for authenticated requests.

Header Parameters

Acceptstring

application/json

Content-Typestring

application/json

Request Body

usernamestring

Merchant username

passwordstring

Merchant password

Response Body

application/json

const body = JSON.stringify({
  "username": "Test",
  "password": "Test@1234"
})

fetch("https://merchantapisandbox.hesabe.com/api/v1/login", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Accept": "application/json"
  },
  body
})

const body = JSON.stringify({  "username": "Test",  "password": "Test@1234"})fetch("https://merchantapisandbox.hesabe.com/api/v1/login", {  method: "POST",  headers: {    "Content-Type": "application/json",    "Accept": "application/json"  },  body})

{
  "status": true,
  "message": "Success",
  "response": {
    "token": {
      "token_type": "Bearer",
      "expires_in": 900,
      "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9...",
      "refresh_token": "def502005bcf51e405360c33b0be6546e5205cdb62f8..."
    }
  }
}

{
  "status": false,
  "message": "Invalid Signature.",
  "response": null
}

{
  "status": false,
  "message": "Request not found, Please verify the request data",
  "response": null
}

{
  "message": "Internal server error occurred"
}

Header Parameters

Request Body

Response Body

200application/json

401application/json

404application/json

500application/json

application/json

application/json

application/json

application/json