API authentication

This content aims to help developers with regard to integration with other languages in which we do not yet offer a library, or those who wish to integrate with our API without using any of our available SDKs.

The Gerencianet API responds for HTTP requests, regardless of the language used in the client. This way, if you don't use any of our SDKs, you can send POSTs respecting the HTTP protocol specification.

For API authentication, you must use your Client key pair (Client_Id and Client_Secret) of the application created in your Gerencianet account.

Authorization with OAuth2

The authorization mechanism for requests made to the Gestoret API is compatible with the OAuth 2.0 protocol. The purpose of OAuth2 is to obtain an access token (access_token). This access_token is used to authorize all calls made to the API, checking if a given application has permissions to consume the requested endpoint.

Authentication of requests is done with HTTP Basic Auth from the Client_Id and Client_Secret of the application created in your Gestãonet account.

Through this authentication, OAuth will be able to answer which authorizations the application has and, consequently, authorize or deny the requests according to that information.


Access authorization for application

The Gerencianet API is RESTful, requests/responses are in JSON and we use the OAuth2 as an API authorization framework. All OAuth2 requests must use their respective base endpoint.

For the Boletos API you can find the base route in the table below:

"URL": {
"sandbox": "https://sandbox.gerencianet.com.br/"
},

For the Pix API it is necessary to use a certificate issued in your Gerencianet account, so authorization follows the security standard mutual Transport Layer Security(mTLS). More information you can find on our Authorization with mTLS page, just click on the button below.



Endpoint: Authorize

The Gerencianet API supports the OAuth 2.0 protocol to authorize access to the API. Requests are authenticated using HTTP Basic Auth.

The purpose of the OAuth2 protocol is to exchange a chain of tokens between the Client and Server Resource. This token is used to authenticate all API calls using Authorization in the HTTP header.

The base endpoint for the Boletos API is:

"authorize": {
"route": "/v1/authorize",
"method": "post"
}

Libraries OAuth2

There are OAuth2 libraries for numerous languages. If for any reason you decide not to use any of our available SDKs, you will be required to do this authentication process. Choose a library before you start.

SDKs

If you choose to use our SDK, all libraries available here are already prepared to perform authentication with OAuth automatically. Click on the tab for the language of your choice to download the library.

// Instalando via Packagist com o Composer:
// Packagist: https://packagist.org/packages/gerencianet/gerencianet-sdk-php
// Composer: https://getcomposer.org/
$ composer require gerencianet/gerencianet-sdk-php
// Ou, se preferir, confira a documentação completa sobre como instalar a SDK