Getting Started
This guide will walk you through the steps to make your first requests to the sandbox API. Calling endpoints in production will follow a similar process but use different URLs.
Overview
Getting started with the Astra API follows a simple, four-step process:
- Create your developer account and generate API keys
- Create a test user profile
- Authorize your client with the test user
- Make a request to the API with an
access_token
Optional
To view a code-based walkthrough of the user onboarding happy path see our latest recipe:
If you have a working Python3 environment, you can copy the code from this recipe and run it to quickly create a user with an
access_token
.
Create your developer account
You will need an active developer account to use Astra's sandbox API.
Sign up and generate API keys
- If you haven't already, browse to our Sandbox Dashboard
- Enter your email and set a password.
- Enter your first and last name and agree to our Developer Policy and Terms of Service.
- When you click
Create Account
you will be taken to the Dashboard panel. - On the Dashboard panel fill out the two required fields to generate your application's
client_id
andclient_secret
:
a. Name of your application
b. Redirect URI for your application (you can change this value via the Dashboard) - Click the Save Changes button at the bottom of the page. The page will refresh and reveal a new Keys section which will contain the Client ID and Client Secret for your application.
You now have an active developer account. You can always log into this dashboard again using your email address and password.
You may always return to the dashboard to access your keys. To rotate your keys or edit your redirect URI please contact us.
Note that Redirect URIs are used to guide Users back to a specific page in your application after exiting our SDK. You may register multiple Redirect URIs through your Developer Dashboard, but it's important to note that Redirect URIs must remain consistent in OAuth URLs when an end-user is navigating through our SDK.
Create a User Intent
To create the authorization required to make a request to the Astra API on behalf of an end user, you will need a test user profile. You can follow this process to create one.
Creating a user intent
- Create a new user intent following the steps outlined in our guide to testing in the sandbox environment.
Authorize your client with the test user
The majority of the endpoints in the Astra API require Authorization of your client application by the end user. This process generates the Authorization Code you will exchange for an Access Token.
- Browse to the OAuth URL generated in the dashboard (select Collect Authorization from the Action Type dropdown)
- Using your test user_intent (from above), log in, then click Authorize
- On success, the user will be redirected to the URI associated with your developer account
- Capture the
authorization_code
from the URL - Exchange the
authorization_code
for anaccess_token
viaPOST /v1/oauth/token
endpoint
Currently, you must use an API tool like Postman or a server to securely exchange the
authorization_code
in step 5. If your client is a Single Page Application (SPA), contact us for more information.
Make a request to the API with an Access Token
All endpoints that interact with an end user's Accounts or Routines require an Access Token in the API request header.
- Capture the
access_token
from the authorization step above - Add
Authorization: Bearer access_token
to the header of a request - Make a request to the API (we recommend the
GET /v1/accounts
endpoint - A successful request will return the appropriate payload
- Contact Astra to fully configure your client for your desired payment solutions:
- Congratulations, you are now ready to set up automated Routines and Transfers!
Updated 10 months ago