1. [    Home ](/)
2. [Documentation](/docs)
3. [API Reference](/docs?category=31)
4. Authentication Reference
 
 API Reference Latest      8 min read  

# Authentication Reference

  A  admin  April 15, 2026  

 

 

 

 

 

 

  ## On this page

  
  [    Back to top ](#main-content) 

 ## Supported Authentication Methods

### 1. API Key (Simple)

Suitable for server-side applications making read-only requests. Pass the key in the Authorization header:

Authorization: Bearer ak\_live\_xyz123...

### 2. OAuth 2.0 — Client Credentials

Suitable for server-to-server integrations. Issue a token from the token endpoint:

POST <https://auth.aelix.digitalapi.ai/oauth2/token>  
Content-Type: application/x-www-form-urlencoded

grant\_type=client\_credentials  
&amp;client\_id={client\_id}  
&amp;client\_secret={client\_secret}  
&amp;scope={space-separated-scopes}

### 3. OAuth 2.0 — Authorization Code + PKCE

Suitable for user-facing applications. Redirect the user to the authorisation URL:

GET <https://auth.aelix.digitalapi.ai/oauth2/authorize>  
 ?response\_type=code  
 &amp;client\_id={client\_id}  
 &amp;redirect\_uri=<https://yourapp.com/callback>  
 &amp;scope=banking:read  
 &amp;code\_challenge={pkce\_challenge}  
 &amp;code\_challenge\_method=S256  
 &amp;state={random\_state}

## Token Endpoint Response

{  
 "access\_token": "eyJhbGciOiJSUzI1NiJ9...",  
 "token\_type": "Bearer",  
 "expires\_in": 3600,  
 "refresh\_token": "rt\_abc...", // Authorization Code flow only  
 "scope": "banking:read"  
}

## Scope Reference

ScopeDescriptionbanking:readView accounts, balances, and transactionsbanking:writeCreate accounts and update account detailspayments:readView payment historypayments:initiateInitiate domestic and international paymentsidentity:readRead KYC and customer identity datawebhooks:manageRegister and manage webhook endpoints

 

 

 

 ### Tags

Tags

[OAuth](/taxonomy/term/37)