Authentication

bearer_auth

OAuth Authentication In order to interact with the Moota API, you or your application must authenticate.
The Moota API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account in full or in read-only mode.
You can generate an OAuth token by visiting the Apps & API section of the Moota control panel for your account.
An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.
Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.
How to Authenticate with OAuth
In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.
Authenticate with a Bearer Authorization Header
Content-type and Accept Header
Moota API uses JSON format for both input and output, therefore it is required to specify JSON as content type & accept JSON as response. The header specifications are as below.
HTTP(s) Header
Type
Description
Content-Type
application/json
It indicates that JSON format will be used in the request. Moota API accepts JSON requests.
Accept
application/json
It indicates that JSON format is acceptable as response for the request. Midtrans API responds back in JSON.
Authorization
Bearer
The Authorization field in Bearer Auth format, Server Key is used as username, and the password is blank.
Authenticate with a Bearer Authorization Header
curl -X $HTTP_METHOD -H "Authorization: Bearer <secret_token>" "https://app.moota.co/v2/$OBJECT"
Get Access Token
post
https://app.moota.co/
api/v2/auth/login
Auth
Scopes
​
api
Permision fo all access endpoint
user
Permision for manage user only
user_read
Permision only read profile without action
bank
Permision for manage bank account only
bank_read
Persmision only read data bank account without action
mutation
Permision for manage all data mutation
mutation_read
Permision only read data mutation without action

Getting Started

Profile

Last modified 1yr ago

HTTP(s) Header	Type	Description
`Content-Type`	`application/json`	It indicates that JSON format will be used in the request. Moota API accepts JSON requests.
`Accept`	`application/json`	It indicates that JSON format is acceptable as response for the request. Midtrans API responds back in JSON.
`Authorization`	`Bearer`	The Authorization field in Bearer Auth format, Server Key is used as username, and the password is blank.

Scopes
api	Permision fo all access endpoint
user	Permision for manage user only
user_read	Permision only read profile without action
bank	Permision for manage bank account only
bank_read	Persmision only read data bank account without action
mutation	Permision for manage all data mutation
mutation_read	Permision only read data mutation without action