API Introduction

Authentication

Tagcash uses OAuth 2.0 for API authentication which is the latest standard

There are 3 ways in which you can do this:

  1. Client Credentials
  2. Authorization Code

The first option listed below is for when you want users to login or connect to your application, so the user can see their wallets, balances, perform transfers etc, but you as the application owner do not have access to that information. The second option below is when you only want to perform actions as the merchant within the application, for payments out to others, managing members, allowing staff to login and so on.

1. Client Credentials

This kind of authentication is used when an app/community needs to log in on behalf of itself. It won't be able to switch to the user perspective though.

Parameters:
Parameters:
Parameters are to be passed as POST
URL:
URL:
https://api.tagcash.com/oauth/accesstoken
client_id:
client_id:
[Generated by Tagcash API Developer page of Community]
client_secret:
client_secret:
[Generated by Tagcash API Developer page of Community]
grant_type:
grant_type:
client_credentials
2. Authorization Code

This type of authentication is mainly intended for server side applications that can keep their Client ID and Client Secret. For e.g. a PHP application whose code is not available to the public.

Step 1:
Using your client id you redirect to Tagcash login page where the user enters his log in details. He will be shown the permission required by the app. After that, the user will be redirected back to the app along with an authorization code.

Parameters:
Parameters:
Parameters are to be passed as GET
URL:
URL:
https://api.tagcash.com/oauth
client_id:
client_id:
[Generated by Tagcash API Developer page of Community]
redirect_uri:
redirect_uri:
[Set on Tagcash API Developer page of Community]
response_type:
response_type:
code
scope
scope:
space separated permissions [OPTIONAL]
state
state:
1381395146 [OPTIONAL] Random value to prevent CSRF attacks

Final URL:

Step 2:
The server side code of the app then uses this authorisation code along with the client id and secret to obtain the access token, which can be used in all subsequent requests.

Parameters:
Parameters:
Parameters are to be passed as POST
URL:
URL:
https://api.tagcash.com/oauth/accesstoken
client_id:
client_id:
[Generated by Tagcash API Developer page of Community]
client_secret:
client_secret:
[Generated by Tagcash API Developer page of Community]
grant_type:
grant_type:
authorization_code
redirect_uri:
redirect_uri:
[Set on Tagcash API Developer page of Community]
code
code:
[code from the redirect url]