Authentication
Authentication
Endpoints
POST
Create Access Token
Create a new short-lived access token by validating your client_id
and client_secret
.
The access_token
is to be forwarded with all subsequent requests as
Authorization: Bearer {access_token}
HTTP header.
When the token expires you must regenerate your access_token
.
The client_id
and client_secret
can be supplied as POST body parameters, or as a HTTP basic auth header.
GET
Get Access Token Details
Get details about the client and application associated with your access_token
.
GET
Get JSON Web Key Set
The JSON Web Key Set (JWKS) is a set of keys containing the public keys used to verify JWTs in webhooks sent by MoneyKit.
The JWKS should be cached, but MoneyKit rotates its webhook keys periodically, so if an
incoming webhook's JWT has a key ID (`kid`) not contained in the cached JWKS, you should fetch
and cache the updated JWKS using this endpoint.