2. Authentication, Configuration, and Credentials - API Implementation
To ensure a secure, efficient, and successful integration with the Credit API (SCD/CCB), it is essential that certain technical prerequisites are met by the partner company before development begins.
Authentication
Access to the API is protected by a robust authentication system based on JWT and divided into two permission levels, each with its own set of credentials (client_id and client_secret).
User Level: After the initial setup, EasyCredito will provide User credentials. This is the access level used for day-to-day operations, such as simulating and creating credit proposals, registering borrowers, generating CCBs, and requesting disbursements.
To interact with the API, the client must first make a call to the authentication endpoint using their credentials to obtain a token. This token must then be included in the Authorization header of all subsequent requests.
Static IP for Requests
For security reasons, the partner company is required to use one or more fixed IP addresses for all requests sent to the API. This measure allows EasyCredito to implement stricter security policies, ensuring that requests originate only from trusted and pre-approved sources.
Updated about 23 hours ago