Skip to main content
POST
/
v1
/
partner
/
merchants
/
{merchantId}
/
card-payments
/
auth-token
curl -X POST https://api.acountpay.com/v1/partner/merchants/42/card-payments/auth-token \
  -H "X-Partner-Client-Id: your-client-id" \
  -H "X-Partner-Client-Secret: your-client-secret" \
  -H "Content-Type: application/json" \
  -d '{
    "terminalId": "term_abc123"
  }'

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Authentication

X-Partner-Client-Id
string
required
Your partner client ID
X-Partner-Client-Secret
string
required
Your partner client secret

Path Parameters

merchantId
integer
required
The numeric merchant ID

Body Parameters

terminalId
string
The terminal ID to generate the auth token for. If omitted, a general merchant-level token is returned.

Response

token
string
A short-lived authentication token for the Surfboard Online SDK. Pass this to the SDK’s initialization method on the merchant’s frontend.

Usage

The auth token is used by the merchant’s frontend to initialize the Surfboard Online SDK: 
const surfboard = new SurfboardSDK({
  terminalId: 'term_abc123',
  publicKey: 'pk_live_abc123...',
  authToken: token, // from this endpoint
});
Tokens are short-lived and should be fetched fresh for each payment session. 
curl -X POST https://api.acountpay.com/v1/partner/merchants/42/card-payments/auth-token \
  -H "X-Partner-Client-Id: your-client-id" \
  -H "X-Partner-Client-Secret: your-client-secret" \
  -H "Content-Type: application/json" \
  -d '{
    "terminalId": "term_abc123"
  }'

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}