1. Home
  2. Docs
  3. Getting started
  4. Service Providers access to Bizao APIs

Service Providers access to Bizao APIs

Bizao gateway gives you access to a list of one-time REST APIs. It provides you endpoints to process your business traffic in different Telco-operators in Africa.

To use our APIs, the service provider needs first to be registered as partner.

So far, this step is made off-line by Bizao.

After your subscription, Bizao will give you all the credentials your need to generate your ACCESS_TOKEN that will be use as Header in all your calls to our APIs:

  • Sample of ACCESS_TOKEN

    4qa1bae4-3f9b-346-9w1b-c0e4d4ef

The B2B connection to Bizao gateway is made in SSL1 way to secure your traffic.



Bizao offers three methods of end-user authentication:


  1. One time Password (OTP) : this is an explicit web authentication mode. It is adapted for all HTTP access. It only needs a mobile to receive a PIN code by SMS.
  2. 3G/4G-Redirect URL : this is a mobile-only implicit mode. It works only for MNOs’ customers connected through their 3G/4G data network. The result of a successful authentication is sent to a callback URL provided by the service provider.

The descriptions and uses of these methods are in dedicated sections. During the authentication journey, our platform will provide you with a pair of keys for each Client authenticated. These keys will replace the user’s number to be used for most of our APIs:

  • bizao-token: it’s an unique and limited time ID (1 year) to use for critical API calls such as the Payment API. Please note that a new bizao-token is generated each time a user is authenticated
    • Sample of token :
      "B64ZNgw9MaNekCsFRYf9pe6WZFzYnOKQxoyUagq8v2anGGrY4JG+Xx5MO42iFpkEYzf|MCO=OCI|tcd=1526548445|ted=1526348545|uSmSX85ScNIIMK5QHOK1kSoNYYk=”

      Note:

      The parameter ‘tcd’ stands for Token Creation Date (timestamp format)

  • bizao-alias: it’s a unique and unlimited in time ID to use for tracking user or in our SMS Notification API
    • Sample of alias :
      “PDKSUB-200-dM50oiCPDlihWwXlf9rNGegZeQjC8eX/EvF8e/BJAyg=”

Note:

These Keys must be used instead of user’s MSISDN for all API Calls except for our Challenge API (One time Password authentication)

Was this article helpful to you? Yes 2 No

How can we help?