SumUp REST API
SumUp’s REST API operates with application/json
HTTP requests and response. The request bodies are sent through resource-oriented URLs and use the standard HTTP response codes.
For testing our APIs, please contact us for a test account.
When you receive your test account you can create your client credentials and process different requests with real payment instruments, without charging them.
Authentication
- Access Token
At SumUp authentication uses your API credentials and Basic HTTP auth. The API credentials consist of a client_id
and client_secret
key-value pair.
It is possible to create multiple API credentials for each of the applications you connect with your SumUp account.
Use the API credentials as an authorization header for requests that require such.
Authorization
SumUp uses the OAuth 2.0 authorization framework and supports two authorization flows for obtaining an access token.
The flow you choose will grant your access token specific permissions. All API calls should include the obtained access token in the Authorization: Bearer <<valid_access_token>>
format.
To complete successful requests, ensure you have requested the necessary scopes for your authorization flow of choice.
Security Scheme Type: | oauth2 |
---|---|
authorizationCode OAuth Flow: | Token URL: https://api.sumup.com/token Authorization URL: https://api.sumup.com/authorize Refresh URL: https://api.sumup.com/token Scopes:
|
clientCredentials OAuth Flow: | Token URL: https://api.sumup.com/token Scopes:
|