Authentication
Our API utilizes one-time authentication tokens for security. These tokens are valid for a single request and are designed to expire within 5 minutes of generation. Each API call must include a new token, generated specifically for that request.
Key Points:
- A token generated for one API request cannot be reused for any subsequent requests.
- Each API call requires a new token, even if you are performing similar operations.
- Tokens are valid for 5 minutes after generation. Once expired, a new token must be obtained.
Best Practice
We recommend implementing a logic in your system to automatically regenerate a new token for each API request you make. This ensures smooth operation and avoids any potential issues related to token expiration.
Available Environments
Brick provides two separate environments to support both development and production use cases.
To generate and manage your API credentials for each environment, log in to the Brick Dashboard, navigate to the Configuration menu, and select the API Credentials tab.
| Environment | Base URL | Purpose |
|---|---|---|
| Sandbox | https://sandbox.onebrick.io/v2 | Use this environment for testing and development. It simulates live behavior using mock data. |
| Production | https://api.onebrick.io/v2 | Use this environment for live applications connected to real financial institutions. |
Important Notes
- Credentials are different for each environment. Make sure you use the correct client_key and client_secret for the environment you're working in.
- Transactions in the Sandbox environment do not affect real accounts or institutions.
- Before switching to Production, ensure that your integration is fully tested in Sandbox.