Set up authorisation assertion grant
To build a self-hosted app and integrate with Zettle APIs, the merchant must provide you with access to merchant data in Zettle. For a self-hosted app, this is done using an API key in the form of a JSON web token (JWT) assertion. The following describes how to set up this authorisation flow.
- A developer account on the Developer Portal. If you don't have this, see sign up for a developer account.
- An API key and a client ID for the app. If you don't have these, see create credentials for a self-hosted app.
Include the API key and the client ID in the following request to retrieve an access token.
Example: The following example retrieves an access token using the assertion grant flow. The access token is valid for 7200 seconds. The response value
expires_inis the remaining lifetime of the access token in seconds.
The access token expires after 7200 seconds. Use the same API key to generate a new one, as described in Step 1: Retrieve an access token.