Partners and Child-Partners
Partners groupThe features were determined during contract negotiations and
Main Partner
The access token you received is for your main PayData API partner. This partner is used manage the settings, access tokens, child-partners and users.
Use the GetPartnerSelf endpoint to view your current partner.
{
"partnerStatistics": {
"userCount": 3
},
"id": "abc123",
"name": "Test",
"email": "info@example.com",
"redirectUrls": [
"https://redirect.example.com/oauth"
],
"userTokenExpirySeconds": 3600,
"permissions": [
"partner:read",
"partner:update",
"user:all"
],
"isDeleted": false,
"uiSettings": {
"redirectUrls": [
"https://redirect.example.com/oauth-ui"
],
"styling": {
// ...
}
}
}
Permissions
Your partner has a set of permissions that define the features that can be used and are allowed as access token scopes.
"permissions": [
"account:all",
"partner:all",
"transaction:all"
"user:all",
"webhook:all"
]
The features were determined during contract negotiations and can only be changed upon request. Please contact PayData support in that case.
Child-Partners
Your main partner needs the permission partner:create to create child-partners. Contact PayData support if that is not the case.
Child partners can be created using the CreatePartner method. The child-partner inherits the permissions defined on your main partner. The initial child partner access token will contain all available scopes.
- GetPartners: List child-partners.
- GetPartner: Show child-partner and its settings.
- UpdatePartner: Update child-partner and its settings.
- DeletePartner: Delete child partner.
A child-partner should manage its own tokens using the following endpoints to avoid losing access. See Partner Tokens.
- GetOwnPartnerTokens: List tokens for the current partner.
- CreateOwnPartnerToken: Create token for the current partner.
- RevokePartnerOwnToken: Revoke token for the current partner.
You may also decide that your system that manages the main partner will provide a short-lived child-partner token after the child-partner authenticates itself. This authentication is outside the scope of the PayData-API.
Settings
The current settings can be requested using the get partner self and get partner endpoints.
Use the update partner self update partner endpoints to update the settings.
| Name | Purpose |
|---|---|
email | Currently unused. But will receive important information or used as a login in the future. Change will be announced. |
redirectUrls | Whitelist of URLs allowed for the OAuth account authorization redirect. PayData will redirect to the first URL after completing an OAuth flow. |
userTokenExpirySeconds | Lifetime of the access tokens for users. See Token Management. |
uiSettings | Separate redirect URIs and styling settings for the Account UI. |
The update endpoints will reset unspecified settings to their defaults or null. Make sure to pass the full partner settings.