The authentication works with the grant type device_pin and the corresponding field for it. It uses the common endpoint POST /oauth/token.
Request
POST /oauth/token HTTP/1.1Host: connect-testing.secupay-ag.deAuthorization: Bearer qb56tjj1bcvo9n2nj4u38k84loAccept: application/json{ "grant_type": "device_pin", "client_id": "e3323efa4fb2c4e8562adcdbfe9acf41", "client_secret": "44640a4323db70c1b87dcbe27672a997eb98dad04d8e4caf942da70f77841f8d", "uuid": "/vendor/ingenico/serial/17275wl26695664", "device_pin": "CxajtF94uLi4s7d3"}If the Smart Device ID is valid, the API responds with 200 OK, and the wanted tokens:
Response
HTTP/1.1 200 OKContent-Type: application/json{ "access_token": "7vfogs9bpol1dv2yvl5gqmpl0g", "expires_in": 1200, "token_type": "bearer", "scope": null}If not successful, it responds with 400 Bad Request, and a simple error response.