Tyro Connect’s APIs require authentication, and Tyro Connect’s authorisation server uses the OAuth 2.0 Client Credentials Flow to authenticate POS Cloud Connection.
To get started, you must first request a set of credentials from Tyro Connect. Once provided, these credentials will contain two values: a client_id and a client_secret.
Each request to a Tyro Connect API is authenticated with a JWT (JSON Web Token). To obtain a JWT, a partner must make a request to the /oauth/token endpoint of the authorisation server.
- The credentials we provide you with are private and should be stored securely.
- Each JWT expires after 12 hours. Partners are encouraged to monitor the expiry of their token and refresh expired tokens prior to making calls to any of the APIs.
If a Partner requests more than 12 tokens within an 11-hour period, the authorisation server will reject the requests. Please make sure you cache your tokens and only request a token when it is about to expire.
You can try it out and generate a code snippet below. Make sure to save the result, as the returned access_token can be used for making any other requests.
```
curl -i -X POST \
  https://auth.connect.tyro.com/oauth/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d client_id=ProvidedByTyro \
  -d client_secret=BruceWIsAGhost \
  -d grant_type=client_credentials \
  -d audience=https://pos.connect.tyro
```

A successful response contains:
- access_token: This is the JSON Web Token (JWT) that you will use to make authenticated requests to Tyro Connect. You must pass the retrieved Access Token as a Bearer token in the Authorization header of your Tyro Connect REST API request.
- expires_in: This is the number of seconds until the Access Token expires. Please use this value to determine when to request a new access_token and to respect the rate limits of the authorisation server.
- token_type: This value is always Bearer.
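
One way to follow the caching guidance and the expires_in field described above is a small single-flight token cache in Node.js. This is an added example, not Tyro's own code: the function name createTokenCache, the 300-second refresh margin and the environment variable names are assumptions, while the endpoint and form fields are taken from the curl request on this page.

```javascript
// Added example: single-flight token cache for the client credentials flow.
// TOKEN_URL and the form fields come from the curl request on this page;
// createTokenCache, refreshMarginSec and the env var names are assumptions.
const TOKEN_URL = 'https://auth.connect.tyro.com/oauth/token';

function createTokenCache({ clientId, clientSecret, audience,
                            fetchFn = fetch, now = Date.now,
                            refreshMarginSec = 300 }) {
  let cached = null;    // { token, expiresAtMs }
  let inFlight = null;  // shared promise while a token request is pending

  async function requestToken() {
    const body = new URLSearchParams({
      client_id: clientId, client_secret: clientSecret,
      grant_type: 'client_credentials', audience,
    });
    const res = await fetchFn(TOKEN_URL, {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: body.toString(),
    });
    // Report the status only; never log the request body or the secret.
    if (!res.ok) throw new Error(`token request failed: HTTP ${res.status}`);
    const { access_token, expires_in } = await res.json();
    if (typeof access_token !== 'string' || !(expires_in > 0)) {
      throw new Error('token response missing access_token or expires_in');
    }
    cached = { token: access_token, expiresAtMs: now() + expires_in * 1000 };
    return access_token;
  }

  return async function getToken() {
    // Reuse the cached JWT until it is within the refresh margin of expiry.
    if (cached && now() < cached.expiresAtMs - refreshMarginSec * 1000) {
      return cached.token;
    }
    // Concurrent callers share one request instead of each spending quota.
    if (!inFlight) inFlight = requestToken().finally(() => { inFlight = null; });
    return inFlight;
  };
}

// Usage: credentials come from the environment, not from source control.
// const getToken = createTokenCache({
//   clientId: process.env.TYRO_CLIENT_ID,
//   clientSecret: process.env.TYRO_CLIENT_SECRET,
//   audience: process.env.TYRO_AUDIENCE,
// });
// const headers = { Authorization: `Bearer ${await getToken()}` };
```

Sharing one in-flight request matters after a restart or at expiry, when many workers ask for a token at once and would otherwise each count against the authorisation server's limit.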