You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: apps/developer/docs/authorization.mdx
+128-9Lines changed: 128 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -125,29 +125,148 @@ Further reading:
125
125
126
126
## Client credentials authorization
127
127
128
-
> Note: client credentials are used to authenticate the application itself, not a user. This is useful when you want to access your own data. While you can access user data with client credentials, it is not recommended. Instead, use the authorization code flow to authenticate users.
128
+
The Client Credentials flow is used for server-to-server authentication where your application acts on its own behalf, not on behalf of a specific user. This is the authentication method for both **Personal** and **White-label** app types.
129
129
130
-
Confidential clients which can hide their credentials, e.g. backend servers, can be enlisted in Monerium's partner program, which enables them simultaneous access to multiple profiles which have granted authorization. These clients can get an access_token by submitting a POST or GET request to `/auth/token`:
130
+
### When to Use Client Credentials
131
131
132
-
```
133
-
curl --location --request POST 'http://api.monerium.app/auth/token' \
132
+
-**Personal apps**: Your application performs automated actions on your own Monerium account (e.g., backend scripts, scheduled jobs, internal tooling)
133
+
-**White-label apps**: Your platform manages users and their payment accounts directly, with Monerium fully abstracted from end users
134
+
135
+
:::warning Security Requirements
136
+
Client credentials (`client_secret`) must be stored securely and never exposed in client-side code. Only use this flow in environments where you can securely store secrets, such as backend servers.
137
+
:::
138
+
139
+
### Authentication Flow
140
+
141
+
The client credentials flow is simpler than OAuth, involving just two steps:
142
+
143
+
1.**Request Access Token** - Exchange your credentials for an access token
144
+
2.**Use Access Token** - Make API calls with the token
145
+
146
+
### Step 1: Request an Access Token
147
+
148
+
Submit a POST request to `/auth/token` with your `client_id` and `client_secret`:
149
+
150
+
```sh
151
+
curl --location --request POST 'https://api.monerium.dev/auth/token' \
Welcome to Monerium! This guide will help you integrate the Monerium API to offer your users IBANs directly connected to their blockchain addresses. Enable seamless money transfers between bank accounts and blockchains over the SEPA network.
9
9
10
-
This guide will help you get started with the Monerium API to offer your users IBAN's directly connected to their blockchain address. This enables a seamless experience to collect and send money between bank accounts and blockchains over the SEPA network.
10
+
## Overview
11
11
12
-
## Getting Started
12
+
Before you begin, determine which integration type fits your needs:
13
13
14
-
### Sign Up
14
+
:::tip Choose Your Integration Type
15
15
16
-
To get started, head over to our [Sandbox](https://sandbox.monerium.dev) and sign up.
16
+
**Building a user-facing app?** → [OAuth](#oauth) - Users authenticate with their Monerium accounts
17
17
18
-
### Creating an App
18
+
**Automating your own account?** → [Personal](#personal) - Run scripts and backend jobs on your account
19
19
20
-
Once signed up, head over the [developer portal](https://sandbox.monerium.dev/developers) and create an app.
20
+
**Managing accounts for your users?** → [White-label](#white-label) - Full platform control, Monerium abstracted away
21
21
22
-
### Obtaining Credentials
22
+
:::
23
23
24
-
After creating an app, you will receive two distinct sets of credentials, each tailored for specific use cases. Below is a breakdown of these credentials and guidance on how to use them effectively.
24
+
---
25
+
26
+
## Setup
27
+
28
+
### 1. Create Your Account
29
+
30
+
Head over to our [Sandbox](https://sandbox.monerium.dev) and sign up for a developer account.
31
+
32
+
### 2. Create an App
33
+
34
+
Once signed up, go to the [developer portal](https://sandbox.monerium.dev/developers) and create a new app. You'll need to select an app type based on your use case.
35
+
36
+
---
37
+
38
+
## App Types
39
+
40
+
Choose the authentication flow that matches your integration needs:
41
+
42
+
### 🔐 OAuth (User-facing Apps) {#oauth}
43
+
44
+
**Authentication:**[Authorization Code Flow with PKCE (Proof Key for Code Exchange)](#auth-flow)
45
+
46
+
**How it works:** Your app acts on behalf of Monerium users with their explicit consent. Users sign in with their Monerium credentials and grant your app permission to access their accounts.
47
+
48
+
**Credentials you'll receive:**
49
+
-`client_id` - Unique identifier for OAuth flows
50
+
51
+
**Best for:**
52
+
- Web applications
53
+
- Mobile apps
54
+
- Any app where users authenticate and control their own data
**How it works:** Your platform manages users and their payment accounts directly. Monerium is fully abstracted away from your end users—they never see or interact with Monerium.
88
+
89
+
**Credentials you'll receive:**
90
+
-`client_id` - Unique identifier
91
+
-`client_secret` - Secret key for authentication (keep secure!)
92
+
93
+
**Best for:**
94
+
- Payment platforms
95
+
- Fintech applications
96
+
- Services requiring full control over user payment flows
97
+
98
+
**Pricing:** €5,000/month
99
+
100
+
:::info Enterprise Solution
101
+
This is an enterprise solution for platforms that want to offer IBAN accounts under their own brand. Contact us to discuss your requirements.
0 commit comments