<?php require_once __DIR__.'/../../vendor/autoload.php'; // Create server $server = new League\OAuth1\Client\Server\Xing(array( 'identifier' => 'your-identifier', 'secret' => 'your-secret', 'callback_uri' => "http://your-callback-uri/", )); // Start session session_start(); // Step 4 if (isset($_GET['user'])) { // Check somebody hasn't manually entered this URL in, // by checking that we have the token credentials in // the session. if ( ! isset($_SESSION['token_credentials'])) { echo 'No token credentials.'; exit(1); } // Retrieve our token credentials. From here, it's play time! $tokenCredentials = unserialize($_SESSION['token_credentials']); // // Below is an example of retrieving the identifier & secret // // (formally known as access token key & secret in earlier // // OAuth 1.0 specs). // $identifier = $tokenCredentials->getIdentifier(); // $secret = $tokenCredentials->getSecret(); // Some OAuth clients try to act as an API wrapper for // the server and it's API. We don't. This is what you // get - the ability to access basic information. If // you want to get fancy, you should be grabbing a // package for interacting with the APIs, by using // the identifier & secret that this package was // designed to retrieve for you. But, for fun, // here's basic user information. $user = $server->getUserDetails($tokenCredentials); var_dump($user); // Step 3 } elseif (isset($_GET['oauth_token']) && isset($_GET['oauth_verifier'])) { // Retrieve the temporary credentials from step 2 $temporaryCredentials = unserialize($_SESSION['temporary_credentials']); // Third and final part to OAuth 1.0 authentication is to retrieve token // credentials (formally known as access tokens in earlier OAuth 1.0 // specs). $tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $_GET['oauth_token'], $_GET['oauth_verifier']); // Now, we'll store the token credentials and discard the temporary // ones - they're irrelevant at this stage. unset($_SESSION['temporary_credentials']); $_SESSION['token_credentials'] = serialize($tokenCredentials); session_write_close(); // Redirect to the user page header("Location: http://{$_SERVER['HTTP_HOST']}/?user=user"); exit; // Step 2.5 - denied request to authorize client } elseif (isset($_GET['denied'])) { echo 'Hey! You denied the client access to your Xing account! If you did this by mistake, you should <a href="?go=go">try again</a>.'; // Step 2 } elseif (isset($_GET['go'])) { // First part of OAuth 1.0 authentication is retrieving temporary credentials. // These identify you as a client to the server. $temporaryCredentials = $server->getTemporaryCredentials(); // Store the credentials in the session. $_SESSION['temporary_credentials'] = serialize($temporaryCredentials); session_write_close(); // Second part of OAuth 1.0 authentication is to redirect the // resource owner to the login screen on the server. $server->authorize($temporaryCredentials); // Step 1 } else { // Display link to start process echo '<a href="?go=go">Login</a>'; }

Get Access Token

Get access token to initiates payment transaction.

Endpoint: POST generate-token

Parameter	Type	Comments
client_id	string	Enter merchant API client/primary key
secret_id	string	Enter merchant API secret key
env	string	Enter merchant API environment
merchant_id	string	Enter merchant API merchant id

Just request to that endpoint with all parameter listed below:

                    
                        Request Example (guzzle)
                        

                        
                            
<?php
                            
 require_once('vendor/autoload.php');
                            
 $client = new \GuzzleHttp\Client();
                            
 $response = $client->request('POST', $base_url. 'v1/generate-token', [
                            
'headers' => [
                            
  'accept' => 'application/json',
                            
  'content-type' => 'application/json',
                            
 ],
                            
'form_params' => [
                            
  'client_id'     => '$client_id',
                            
  'secret_id'     => 'secret_id',
                            
  'env'           => 'env',
                            
  'merchant_id'   => 'merchant_id',
                            
 ],
                            
                            
]);
                            
echo $response->getBody();

                    
                        
**Response: SUCCESS (200 OK)**
                        
{
                        
 "message": {
                        
 "success": [
                        
  "Successfully token is generated"
                        
 ]
                        
},
                        
"data": {
                        
 "token":"eyJpdiI6InpkczhjTjhQdVhUL2lKQ0pSUUx6aUE9P
SIsInZhbHVlIjoiVGVBTVBDTXltbjNZcEIvdEJveGpTSno3TU5NRUtn
VkhCZ1pHTFNCUnZGQ2UxMnYxN202cEE1YVRDTEFsc0ZERExoTjdtL0dTL2x
oU3QzeUJJOExiMUx5T0w1L0llUXhTUkU1cWVLWEdEbEplb0dKNXcwbTNRM0
VxdkUwYzZuNFdtNkhMQ0pRZysyNWkvdzBxSlBoSVBSOGFTekNnR2RXNHVtc
G9lMGZOTmNCcm1hR3c5Sk9KTnB4Y3ltZDl6cm90MThrR21Ca3B1azc3bXRi
Q0J6SW96UVo1elNkU1ZqeE05bTcwWGp1MEUxWlJFdnNWTmpSbnVpeW92b2U
4dXZkUGgyb1VmK0luaGdyaFlsVTZlcVpVRnZlTG1DeFF6Ykk2T2h6Z3Jzbn
IyNHpNdHowSE5JdDR0Y0pZT20zUm1XYW8iLCJtYWMiOiJlY2M4NGE1OGUzYz
kzYzk0YzljNmVmNjE0YWI0ZDIwOGI3NDQ2YWEyY2ZhNzc0NzE4ZmY1ZmYyMz

                        IyZmQzNDY1IiwidGFnIjoiIn0=",
                        
},
                        
"type": "success"
                        
}

                    
                        
**Response: ERROR (400 FAILED)**
                        
{
                        
 "message": {
                        
 "error": [
                        
  "Invalid credentials."
                        
 ]
                        
},
                        
"data": null,
                        
"type": "error"
                        
}