post https://api-h.envbank-baas.com.br/api/auth
The Authentication endpoint is a critical entry point to the ENV Bank API, enabling users to securely access the platform's services. This endpoint is designed to authenticate and authorize API requests, ensuring a secure communication channel between your application and the Env Bank system. To authenticate the API successfully, users must include both the unique API Key and API Secret in the request parameters.
Heads up!
- The issued token will have a lifetime of 30 minutes. The partner must pay attention to the expires_in (in seconds) property to implement its cache and token renewal strategy. It is extremely important that the token is used throughout its lifetime, and that another one is issued only after the one that has already been generated has expired.
- Avoid generating a new token before the current one expires to avoid overloading the system and maintain efficiency. If too many authentication requests are made before the expiration time, you may receive a temporary block of a 5 minutes with the message "Too Many Attempts."
Practical Tips
- Security: Never expose your API key and API secret in public code or repositories. Use environment variables to store this sensitive information.
- Authentication Token: Store the authentication token in a secure location and monitor its expiration time to renew the token as needed, avoiding service interruptions.
- Logs: Implement appropriate logs to monitor authentication attempts and handle potential failures.