ValidiFI

Getting Started with our API

Our RESTful API allows you to integrate our services directly into your applications. Store customers and accounts, create and manage payments, and perform account and risk verifications. Services available in our API are also available through this website to interact within a user-friendly interface.

Much of our website is interactive, and most of the functions of our API are also available in a designed portal through our website. For example, you can add customers through the API, but then see these same customers on our website. You can add customers through the website and pull them from the API.

Environments

All customers, payments, risk verifications, API endpoints, etc. accessed through our test environment are separate from production. Payments created through our test website or test API will not process.

Once your implementation is complete, you can use our production environment to go live. This involves a different API address and different integration keys.

Test website: https://test.followthefrog.com
Production website: https://portal.followthefrog.com

Test API: https://sandbox.followthefrog.com
Production API :https://api.followthefrog.com

Interactive Endpoint Documentation

This page will help guide you through the concepts of our API and its different functions. For a list of all endpoints, you can launch our interactive endpoint documentation, which lists all available endpoints, provides sample body content and sample responses, and allows you to make calls directly to the API from the documentation.

Access Control and IP Address Restrictions

The public IP address that is calling our API must be added to the white-list, or else you will be unable to complete a call. In the test environment, you can white-list your own IP address from the API home page. To white-list an IP address in production, you must contact your CFSI representative. In both environments, you can see your white-listed IP addresses from the API home page

If your public IP is not added to the list, any API call (aside from obtaining a token) will fail with an Unauthorized response.
To add an IP address to the whitelist in production, you must contact us.

Obtaining A Token

The first step to interacting with our API is to obtain a BEARER token. To do this, you will need your ClientID and ClientSecret. Credentials are available on the API home page

Your token will expire 20 minutes from creation (time frame subject to change). When you obtain your token, cache the token and use it for every call to our server until it expires. The expiration time will accompany your token.

To obtain a token, make a POST call to /token

{
    "client_id" : "<your_client_id>", 
    "client_secret" : "<your_client_secret>", 
    "grant_type" : "client_credentials"
}

post/v2/token
- Obtains a bearer token

Next Steps

Now that you have successfully obtained a token, you can make calls specific to what you are trying to do. Please see the following sections of our API for more details:

Customers
Accounts
Payments
Risk Services

View All Endpoints