Authentication Reference
Supported Authentication Methods
1. API Key (Simple)
Suitable for server-side applications making read-only requests. Pass the key in the Authorization header:
Authorization: Bearer ak_live_xyz123...
2. OAuth 2.0 — Client Credentials
Suitable for server-to-server integrations. Issue a token from the token endpoint:
POST https://auth.aelix.digitalapi.ai/oauth2/token
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
&client_id={client_id}
&client_secret={client_secret}
&scope={space-separated-scopes}
3. OAuth 2.0 — Authorization Code + PKCE
Suitable for user-facing applications. Redirect the user to the authorisation URL:
GET https://auth.aelix.digitalapi.ai/oauth2/authorize
?response_type=code
&client_id={client_id}
&redirect_uri=https://yourapp.com/callback
&scope=banking:read
&code_challenge={pkce_challenge}
&code_challenge_method=S256
&state={random_state}
Token Endpoint Response
{
"access_token": "eyJhbGciOiJSUzI1NiJ9...",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "rt_abc...",
"scope": "banking:read"
}
The refresh_token field is returned in the Authorization Code flow only.
Scope Reference
| Scope | Description |
|---|---|
| banking:read | View accounts, balances, and transactions |
| banking:write | Create accounts and update account details |
| payments:read | View payment history |
| payments:initiate | Initiate domestic and international payments |
| identity:read | Read KYC and customer identity data |
| webhooks:manage | Register and manage webhook endpoints |