End-User Authentication
With Weavr, you can offer financial services to your customers. In such a case, financial instruments such as cards and IBANs, together with the funds on these instruments, belong to your customers not to you.
When you execute API requests that create your customers’ financial instruments or interact with them, you are doing so on behalf of your customers. You must provide a valid user session token to execute such API requests.
Obtaining end-user tokens
End-user tokens are generated and returned as part of the API response when a user registers for an identity or logs in to an identity. Such tokens expire after 5 minutes of inactivity.
Using end-user tokens
You should include an end-user token when you make an API call that requires the Authorization
header. Weavr uses JWT as the authentication technology, so you should prefix end-user tokens with the word Bearer
.