User Management

A user must exist before accounts can be created. The CreateUser endpoint will create a user and return the initial access token. The token allows the partner to act on behalf of the user to create accounts, read transactions and more.

info

Users have access only to their own accounts.

User tokens have a short lifetime and the partner must issue a new token when needed. See Token Management for more information.

Additionally, to view user information or get statistics, partners can use

  • GetUsers method to get a list of users;
  • GetUser method to get detailed info about a user.

User information can be updated using

  • UpdateUser method to update the user name and email.

To delete a user partners can use

Create a user

A user can be created without any information using the Create User API operation. If no name is specified, a unique username will be generated automatically. You may choose to use your own user names to make identifying users easier. The optional email address is used in case the PayData system needs to contact the user (e.g. for File based Accounts or in case of errors with the account).

POST 'https://api-sandbox.paydata-api.com/partner/v2/users'
Authorization: Bearer {PartnerToken}
{
// "name": "my-user", // optional, generated if omitted
// "email": "user@example.com" // optional
}

The response should look similar to the following JSON.

{
"token": {
"accessToken": "{UserToken}",
"createdAt": "2023-09-02T15:01:16.892558Z",
"expiresIn": 3600,
"expiresAt": "2023-09-02T16:01:16.892558Z",
"isRevoked": false,
"isExpired": false,
"isValid": true,
"scope": "account:all transaction:all",
"lastUsedAt": null,
"revokedAt": null
},
"id": "gg61yadj21",
"name": "User-1",
"registration": "2023-09-02T15:01:13.0804649Z",
"lastTransfer": null,
"lastExport": null,
"isDeleted": false,
"isActive": true,
"email": ""
}

Here token.accessToken contains the initial user token with full permissions (scopes). The token is valid for 1 hour by default, but new and longer-lived tokens can be created using the partner token (see Create user tokens).

info

It is the partner's responsibility to create new user tokens when a token is about to expire. A user currently cannot refresh their own token.

Create user tokens

User tokens should have a short lifetime, so new access tokens must be created regularly. Use Create User Token with the partner token to create new tokens with adjusted scopes and lifetime values.

POST 'https://api-sandbox.paydata-api.com/partner/v2/users/gg61yadj21/tokens'
Authorization: Bearer {PartnerToken}
{
"expiresIn": 36000, // 10h
"scope": "account:read transaction:read"
}

The response should look similar to the following JSON.

{
"accessToken": "{UserToken}",
"createdAt": "2023-09-02T16:35:54.8128082Z",
"expiresIn": 36000,
"expiresAt": "2023-09-02T17:35:54.8128082Z",
"isRevoked": false,
"isExpired": false,
"isValid": true,
"scope": "account:read transaction:read",
"lastUsedAt": null,
"revokedAt": null
}
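
The renewal duty described above, sketched as partner-side Python. This is an added example, not PayData code: parse_ts, deadline, needs_renewal, UserTokenCache and the injected issue_token callable (standing in for the POST to /partner/v2/users/{id}/tokens made with the partner token) are hypothetical names, and the 5-minute margin is an assumption. It takes the earlier of expiresAt and createdAt + expiresIn as the deadline and rejects a token that carries scopes that were not requested.

```python
import re
from datetime import datetime, timedelta, timezone

_TS = re.compile(r"(\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d)(?:\.(\d+))?Z")

def parse_ts(value):
    """Parse the API's UTC timestamps, whose fractions can have 7 digits."""
    m = _TS.fullmatch(value)
    if not m:
        raise ValueError(f"unexpected timestamp: {value!r}")
    micros = int((m.group(2) or "0")[:6].ljust(6, "0"))  # datetime stores microseconds only
    base = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S")
    return base.replace(microsecond=micros, tzinfo=timezone.utc)

def deadline(token):
    """Earlier of expiresAt and createdAt + expiresIn, so a mismatch fails safe."""
    computed = parse_ts(token["createdAt"]) + timedelta(seconds=token["expiresIn"])
    return min(parse_ts(token["expiresAt"]), computed)

def needs_renewal(token, now, margin=timedelta(minutes=5)):
    """True if the token is absent, revoked, flagged invalid, or close to expiry."""
    if token is None or token.get("isRevoked") or not token.get("isValid"):
        return True
    return deadline(token) - now <= margin

class UserTokenCache:
    """Keeps one user token in memory; renews through an injected issuer (assumption)."""
    def __init__(self, user_id, issue_token, scope="account:read transaction:read", expires_in=3600):
        self.user_id, self.issue_token = user_id, issue_token
        self.request = {"expiresIn": expires_in, "scope": scope}
        self.token = None

    def access_token(self, now=None):
        now = now or datetime.now(timezone.utc)
        if needs_renewal(self.token, now):
            issued = self.issue_token(self.user_id, dict(self.request))
            extra = set(issued["scope"].split()) - set(self.request["scope"].split())
            if extra:  # never accept more privilege than was asked for
                raise PermissionError(f"unrequested scopes: {sorted(extra)}")
            self.token = issued
        return self.token["accessToken"]

# Constructed sample shaped like the token response above (placeholder token value).
SAMPLE = {"accessToken": "{UserToken}", "createdAt": "2023-09-02T16:35:54.8128082Z",
          "expiresIn": 36000, "expiresAt": "2023-09-02T17:35:54.8128082Z",
          "isRevoked": False, "isValid": True, "scope": "account:read transaction:read"}

if __name__ == "__main__":
    print(deadline(SAMPLE).isoformat())
```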

Delete a user

If a user is not needed anymore, it should be deleted.

DELETE 'https://api-sandbox.paydata-api.com/partner/v2/users/gg61yadj21'
Authorization: Bearer {PartnerToken}

warning

Data of deleted users will be queued for deletion and deleted permanently after 31 days. Restoring the user will not be possible!