To integrate with the API provided for the Partner Portal, follow the following steps. The base URLs for the Partner API environments are:
Sandbox: https://partnersapi-sandbox.trustist.com
Production: https://partnersapi.trustist.com
1. Obtain an Access Token #
Before making any API calls, you need to obtain an access token using the Client Credentials flow. This token will be used to authenticate your requests to the API.
Endpoint #
POST /token
Request Parameters #
client_id
(string, required): Your client ID.client_secret
(string, required): Your client secret.grant_type
(string, required): Must be “client_credentials”.
Example Request #
POST /token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
client_id=your_client_id&client_secret=your_client_secret&grant_type=client_credentials
Example Response #
{
"access_token": "your_access_token",
"token_type": "Bearer",
"expires_in": 3600
}
2. List Invitations #
Retrieve a list of invitations sent by the partner.
Endpoint #
GET /invitations
Headers #
Authorization: Bearer {access_token}
Example Request #
GET /invitations HTTP/1.1
Authorization: Bearer your_access_token
Example Response #
[
{
"id": "invitation_id",
"status": "sent",
...
},
...
]
3. Get Invitation by ID #
Retrieve details of a specific invitation using its ID.
Endpoint #
GET /invitations/{id}
Headers #
Authorization: Bearer {access_token}
Example Request #
GET /invitations/invitation_id HTTP/1.1
Authorization: Bearer your_access_token
Example Response #
{
"id": "invitation_id",
"status": "sent",
...
}
4. Create a New Invitation #
Create a new invitation for a client.
Note that the payment types offered to a client can be affected by the “paymentTypes” property on the request. This currently only affects the merchant’s ability to take card payments, which they will not be aware exists as an option if “cards” is removed. Trying to remove “openbanking” will have no affect however, as it is a mandatory service offered by TrustistTransfer at this time.
Endpoint #
POST /invitations
Headers #
Authorization: Bearer {access_token}
Content-Type: application/json
Request Body #
{
"email": "client_email",
"name": "client_name",
"paymentTypes": [
"openbanking",
"cards"
]
}
Example Request #
POST /invitations HTTP/1.1
Authorization: Bearer your_access_token
Content-Type: application/json
{
"email": "client_email",
"name": "client_name",
"paymentTypes": [
"openbanking"
]
}
Example Response #
{
"id": "new_invitation_id",
"status": "pending",
...
}
5. Get Merchant Keys #
Retrieve API keys associated with a merchant for a specific invitation.
Endpoint #
GET /invitations/invitation_id/merchant/keys HTTP/1.1
Authorization: Bearer your_access_token
Example Response #
{
"items": [
{
"apiKey": "merchant_api_key",
...
}
]
}
Error Handling #
All endpoints may return standard HTTP status codes to indicate the success or failure of your request. Common status codes include:
200 OK
: The request was successful.400 Bad Request
: The request was invalid or cannot be served.401 Unauthorized
: Authentication failed or user does not have permissions.404 Not Found
: The requested resource could not be found.500 Internal Server Error
: An error occurred on the server.
Summary #
- Get Access Token: Obtain a token to authenticate your requests.
- List Invitations: Retrieve a list of invitations.
- Get Invitation: Get details of a specific invitation.
- Create Invitation: Create a new invitation for a client.
- Get Merchant Keys: Retrieve merchant API keys associated with an invitation.
Ensure you handle the authentication token properly and refresh it as needed, especially since it has an expiration time (expires_in
).
For further details, consult the API documentation or reach out to the API support team.