Breadify Integration API (1.1.0)

Use the following endpoints for access to the production environment.

All operations require an OAuth2 access token. When you onboard with Breadify, you will receive a client_id and a client_secret. This id and secret can be used to obtain an access token from the authentication endpoint. An example using curl to retrieve an access token would look like this:

curl -X POST -u "<your_client_id>:<your_client_secret>" -d "grant_type=client_credentials" https://auth.int.breadify.me/token

A successful response to the above request will include a property named access_token. This access token must be passed in the Authentication header, with the Bearer prefix of all API requests. Using curl, the Authorization header can be set with the following option:

--header "Authorization: Bearer <access_token>"

Access tokens expire after a certain amount of time. Your application will detect this by receiving a 401 Unauthorized response from the API endpoint. When this happens, you should request a fresh access token and pass that new token in subsequent API requests. It is recommended to use a library to handle this for you. A good example for ASP.NET Core applications would be https://docs.duendesoftware.com/identityserver/v6/tokens/requesting/#automating-token-requests-in-aspnet-core-and-worker-applications

Further details regarding OAuth2 can be found in the RFC at https://datatracker.ietf.org/doc/html/rfc6749

Add properties such as org numbers to trusted and watch lists. These lists can be used in rule sets when performing order or company assessments. You can also use these lists in your own logic via the API to keep track of your loyal and trusted customers, or customers with poor payment history.