The client can request an access token using only its client credentials (or other supported means of authentication) when the client is requesting access to the protected resources under its control (OAuth 2.0: RFC 6749 & 6750)

32 character alphanumeric string. The authorization code received after the User provides the consent. Authcode further used to generate B2B2C Token and card binding status check API.

Represents the content type of the received data (e.g. application/json)

Represents the media type that the client is able to accept from the server (e.g. application/json).

Client's current local time in yyyy-MM-ddTHH:mm:ss.SSSTZD format.

Client's client_id (PJP Name). It is provided when the registration process is completed.

Represents the access_token of a request. It starts with the keyword "Bearer " followed by the access_token. This is B2B token generated using ACCESS-TOKEN B2B API.

Integrity checking. Asymmetric Signature: SHA256withRSA(Private_Key, stringToSign)

stringToSign = client_ID + "|" + X-TIMESTAMP