{"templateId":"markdown","versions":[{"version":"v1.0","label":"v1.0","link":"/docs/v1.0/concepts/auth-guide","default":false,"active":true,"folderId":"a2557b8d"},{"version":"v2.0","label":"v2.0 (latest version)","link":"/docs/concepts/auth-guide","default":true,"active":false,"folderId":"a2557b8d"}],"sharedDataIds":{"sidebar":"sidebar-docs/@v1.0/sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":[]},"type":"markdown"},"seo":{"title":"Authentication","description":"Learn how Trustap uses authentication.","llmstxt":{"hide":false,"title":"Trustap API","description":"Trustap is an API for end-to-end transaction solution that seamlessly integrates payments, fulfillment, and support into your marketplace. Trustap is an escrow API service facilitating secure transactions.","sections":[{"title":"Intro","description":"Trustap API introduction.","includeFiles":["docs/v2.0/intro/*.md"],"excludeFiles":[]},{"title":"Concepts","description":"Trustap Concepts","includeFiles":["docs/v2.0/concepts/*.md"],"excludeFiles":["docs/v2.0/concepts/errors.md"]},{"title":"Guides","description":"Trustap integration guides","includeFiles":["docs/v2.0/guides/**/*.md"],"excludeFiles":["docs/v2.0/guides/listing/"]},{"title":"API Reference","description":"Trustap API reference guide","includeFiles":["**/apis/@v2.0/openapi.yaml"],"excludeFiles":[]}],"excludeFiles":[]},"meta":[{"name":"robots","content":"noindex"}]},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"authentication","__idx":0},"children":["Authentication"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The Trustap API uses authentication to ensure that only authorized"," ","clients can access and interact with resources. This guide explains the"," ","types of authentication supported, how to use them, and when to use each"," ","method."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Trustap uses authentication to do the following."]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Identify who is making a request."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Prevent unauthorized access to user or transaction data."]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"types-of-authentication-supported","__idx":1},"children":["Types of Authentication Supported"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Trustap supports multiple ways to authenticate API requests. We recommend Basic Authentication for most integrations. If you need to perform actions on behalf of a specific user, include the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Trustap-User"]}," header. OAuth 2.0 is also available, but generally not required for partner integrations"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Auth type"},"children":["Auth type"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Use cases"},"children":["Use cases"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Basic Authentication (API key)"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Use your Trustap API key (Base64 encoded) in the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Authorization: Basic header"]},"."]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Recommended method for partner integrations."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Use for administrative tasks including user and transaction management."]}]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Basic Authentication + ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Trustap-User"]}," header"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Combine Basic Auth with a ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Trustap-User: user ID"]}," header to act on behalf of a specific user."]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Use for tasks on behalf of a user including tasks like payment management, delivery/handover confirmation,  transaction cancelling, and complaint submission."]}]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Bearer Token (OAuth 2.0)"]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Use an OAuth 2.0 access token in the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Authorization: Bearer"]}," header. Tokens are obtained via the ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/docs/v1.0/guides/transactions/online/online-create-full-user"},"children":["OAuth flow"]},"."]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Available but not recommended method for authentication."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Use for advanced third-party integrations needing fine-grained, per-user access control."]}]}]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"authentication-examples","__idx":2},"children":["Authentication examples"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"basic-authentication","__idx":3},"children":["Basic Authentication"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["In cURL you can use ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["--user"]}," and use the key you received during ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/docs/v1.0/intro/auth"},"children":["setup"]},". Alternatively, you can use the header object ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["--header \"Authorization: Basic $(echo -n '<YOUR_TOKEN_HERE>:' | base64)\""]},"."]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"CURL","data-title":"Basic Authentication - Create a guest buyer","header":{"title":"Basic Authentication - Create a guest buyer","controls":{"copy":{}}},"source":"curl --location 'https://dev.stage.trustap.com/api/v1/guest_users' \\\n--header 'Content-Type: application/json' \\\n--user '<API_KEY>:' \\\n--data-raw '{\"email\":\"bert.gray@my-mail.com\",\"first_name\":\"Bert\",\"last_name\":\"Gray\",\"country_code\":\"at\",\"tos_acceptance\":{\"unix_timestamp\":1736354931,\"ip\":\"127.0.0.1\"}}'\n","lang":"CURL"},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"basic-authentication-with-trustap-user","__idx":4},"children":["Basic Authentication with ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Trustap-User"]}]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"CURL","data-title":"Basic Authentication with Trustap-User - Confirm delivery","header":{"title":"Basic Authentication with Trustap-User - Confirm delivery","controls":{"copy":{}}},"source":"curl -i -X POST \\\n  'https://dev.stage.trustap.com/api/v1/transactions/{transaction_id}/confirm_delivery_with_guest_buyer' \\\n  --user '<API_KEY>:' \\\n  --header 'Trustap-User: <USER_ID>'\n","lang":"CURL"},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"authentication-using-bearer-token","__idx":5},"children":["Authentication using Bearer token"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"CURL","data-title":"Authentication with Bearer token - Confirm delivery","header":{"title":"Authentication with Bearer token - Confirm delivery","controls":{"copy":{}}},"source":"curl -i -X POST \\\n  'https://dev.stage.trustap.com/api/v1/transactions/{transaction_id}/confirm_delivery_with_guest_buyer' \\\n  --header 'Authorization: Bearer <BEARER_API_TOKEN>' \\\n","lang":"CURL"},"children":[]}]},"headings":[{"value":"Authentication","id":"authentication","depth":1},{"value":"Types of Authentication Supported","id":"types-of-authentication-supported","depth":2},{"value":"Authentication examples","id":"authentication-examples","depth":2},{"value":"Basic Authentication","id":"basic-authentication","depth":3},{"value":"Basic Authentication with Trustap-User","id":"basic-authentication-with-trustap-user","depth":3},{"value":"Authentication using Bearer token","id":"authentication-using-bearer-token","depth":3}],"frontmatter":{"seo":{"title":"Authentication","description":"Learn how Trustap uses authentication.","meta":[{"name":"robots","content":"noindex"}]},"excludeFromSearch":true},"lastModified":"2026-04-03T11:38:21.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/docs/v1.0/concepts/auth-guide","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}