SulPayments APIs use Bearer authentication. You exchange your client_id and client_secret for a short-lived token at the authentication endpoint, then pass the token on every subsequent request.

How it works

1

Encode your credentials

Base64-encode client_id:client_secret:
echo -n "your_client_id:your_client_secret" | base64
2

Request a token

Call the auth endpoint with the encoded value in the Authorization: Basic header.
curl -X POST https://api-eu.sulpayments.ch/v1/auth \
  -H "Authorization: Basic {base64_encoded_credentials}"
3

Use the token

Send the returned token as a Bearer header on every API call.
curl https://api-eu.sulpayments.ch/v1/orders \
  -H "Authorization: Bearer {token}"
4

Renew before expiration

Tokens are valid for 30 minutes. Cache them and refresh shortly before they expire.
See the full endpoint reference at POST /v1/auth.