Authentication Token Structure

The MOTAR API follows the OAuth2 standard as closely as possible. The following data is encoded as a MOTAR Bearer token and can be decoded and used by vendors as necessary.

• issuer: dynepic.com

• audience: for production tokens generated for motar.io usage, the issuer shall be api.motar.io. For sandbox endpoints generated for sandbox.motar.io usage, the issue shall be sandbox.motar.io.

• subject: the platform user ID of the user account used to login and generated the token.

• expiresIn: length of time in seconds the token will last before needing to be refreshed. Authentication tokens are configured to last 24 hours, or until the user logs out of the session represented by the token.

• nonce: the nonce provided by the client during the /sign-in processes

• jwtid: a unique identifier for the token.