post https://accounts.voluti.com.br/api/v2/oauth/token
The initial step in utilizing the corporate API is the authentication process. During this step, the authorization server will validate the client's credentials and then issue a token.
The Voluti API employs OAuth 2.0 Bearer Tokens for request authentication. Every API request necessitates inclusion of a bearer token. After obtaining the access token, you can utilize any of the API endpoints outlined below (based on the scopes granted to your app), incorporating the access token within the HTTP Authorization Header.
Scopes
Scopes establish the extent of access that a token will possess in relation to resources within the Voluti platform.
| Resource | Read Scope | Write Scope | Accessible Using |
|---|---|---|---|
| Pix | pix.read | pix.write | Corporate token |
| Webhook | webhook.read | webhook.write | Corporate token |
| Transactions | transactions.read | Corporate token | |
| Account | account.read | Corporate token |