Paga Connect

Introduction

Paga Connect is a merchant library for Paga business clients that want a seamless integration with Paga without requiring their users to approve every transaction. Users grant permissions and approve the first time, and subsequent transactions are then performed on behalf of the user.

Paga Connect uses the OAuth 2.0 specification to enable secure integration with our third-party clients. Paga Connect is currently implemented based on the final release of the OAuth 2.0 specification (RFC 6749).

Paga Connect Basic Flow

To make requests on behalf of a user, the OAuth2 Client must obtain an Access Token from the OAuth2 Service and provide that Access Token with each request made on behalf of the user. The Access Token represents the permission that the user and the service have given the Client to make specific requests on behalf of the user.

Obtaining The Authorization Code

  • Forward the user to the authorization endpoint URI.
  • The user will be asked to authenticate, and authorize your Client to execute operations on their behalf.
  • After validating authorization from the user, we will redirect the user's agent back to a URI provided by you (the redirect_uri parameter provided with the authorization request) and include in it a one-time Authorization Code.
  • Your Client will extract the Authorization Code and make a separate request (not visible to the User) to get an Access Token, providing the one-time Authorization Code and your Client credentials (client id and password provided to you).
  • If the request for the Access Token is valid, we will return a new Access Token in the response.
  • Your Client can now make requests to secured URIs on behalf of the user, by providing the Access Token with the request.
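
The client side of the steps above, as an added example (not Paga's library code). The endpoint URI is a placeholder, and the `state` check from RFC 6749, the `user_data` parameter name, space-delimited encoding and HTTP Basic client authentication are assumptions the page does not specify.

```python
import base64
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Placeholder endpoint: the page does not give the real URI.
AUTHORIZE_URI = "https://paga.example/oauth2/authorize"
# Values from the Scope and User_Data tables on this page.
SCOPES = {"MERCHANT_PAYMENT", "USER_REQUEST_ACCOUNT_BALANCE",
          "MONEY_TRANSFER", "USER_DETAILS_REQUEST"}
USER_DATA = {"FIRST_NAME", "LAST_NAME", "MOBILE_NUMBER", "EMAIL", "USERNAME"}


def build_authorization_url(client_id, redirect_uri, scopes, user_data=()):
    """Return (url, state); keep state in the user's session until the callback."""
    unknown = (set(scopes) - SCOPES) | (set(user_data) - USER_DATA)
    if unknown or not scopes:
        raise ValueError(f"unsupported or empty request: {sorted(unknown)}")
    state = secrets.token_urlsafe(32)  # unguessable, one per authorization attempt
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "state": state,
              "scope": " ".join(scopes)}  # space-delimited per RFC 6749 (assumed)
    if user_data:
        params["user_data"] = " ".join(user_data)  # name and encoding assumed
    return f"{AUTHORIZE_URI}?{urlencode(params)}", state


def extract_authorization_code(callback_url, expected_state):
    """Validate the redirect to redirect_uri and return the one-time code."""
    query = parse_qs(urlsplit(callback_url).query)
    state = query.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise PermissionError("state mismatch: callback not tied to this session")
    if "error" in query:  # e.g. access_denied when the user refuses
        raise PermissionError(f"authorization failed: {query['error'][0]}")
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]


def token_request(code, redirect_uri, client_id, client_secret):
    """Build the back-channel token request (RFC 6749 section 4.1.3)."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": f"Basic {basic}"}  # secret never reaches the browser
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": redirect_uri})
    return headers, body
```

Requesting only the scopes and user data the integration needs keeps the consent screen narrow and limits what a leaked Access Token can do.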

Paga Authentication Details

At this time, Paga Connect authentication details have to be obtained directly from Paga. That will change in the near future.

The steps required to obtain authentication details are outlined below.

Implementation Details

The following parameters are needed to initialize the library:

  • Client_ID : This is the identifier for your OAuth 2.0 client. You will be assigned a unique client id for your client along with a client secret (password) that will be discussed later. Note that an individual organization will have multiple client ids if it implements multiple OAuth 2.0 clients.

  • Scope : This is a set of strings that allows the client to specify the scope of access required. This scope is also used by the authorization server to inform users of the permissions they are granting to the client. The scope parameters are outlined in the table below.

    Scope                           Description
    MERCHANT_PAYMENT                This permission allows you to charge a user's Paga account
    USER_REQUEST_ACCOUNT_BALANCE    This allows you to request the Paga user's account balance
    MONEY_TRANSFER                  This allows you to transfer money to credit a Paga user's account
    USER_DETAILS_REQUEST            This allows you to request a user's details (see the User Data table for more)

  • User_Data : This is an optional set of strings that allows the client to specify the scope of user data required. This scope is also used by the authorization server to inform the users of what permissions they are providing to the client. The user_data parameters are outlined in the table below.

    User Data        Description
    FIRST_NAME       Get the user's first name
    LAST_NAME        Get the user's last name
    MOBILE_NUMBER    Get the user's Paga mobile number
    EMAIL            Get the user's Paga email address
    USERNAME         Get the user's Paga username
