Authentication
Exchange your client credentials for a 24-hour access token.
All Cloud Middleware requests require authentication. Exchange your client credentials for an access token, which is valid for 24 hours.
Get access token — POST /api/auth/getToken
POST /api/auth/getTokenGenerates an authentication token for API access.
Request parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
clientId | string | Yes | Your unique client identifier |
clientSecret | string | Yes | Your client secret key |
Request
{
"clientId": "merchant1",
"clientSecret": "pos123"
}
Response
{
"tokenGenerationTime": "25-03-2026T09:29:43",
"tokenExpirationTime": "26-03-2026T09:29:42",
"clientId": "merchant1",
"statusCode": 200,
"statusMessage": "Authentication successful"
}
The response doesn't show the token, or how to send it
The example response returns generation/expiry times but no token field, and the doc doesn't specify how the token is presented on later requests (e.g. an
Authorization: Bearer <token>header). Confirm both with NamiPay — integrators will need the exact token field name and the header format to use it.
Tokens expire after 24 hours
Cache the token and refresh it before
tokenExpirationTime. A request made with an expired token returns401(see Status Codes).