Pushed Authorisation Requests are now the preferred way of initiating a payment with Moneyhub. From a high level, the information required for an authorisation request is pushed directly to our identity service, and in return, you get a request URI. This value is used to reference the request information provided. (See the above recipe for PAR in action)
If you wish to use Pushed Authorisation Requests, we recommend that you set the Request Object Signing algorithm to
nonein the Admin Portal.
The security that is gained from PAR means the request object signing isn't required. If request object signing is turned on, you will have to send a signed request object to the PAR end point.
- Gather the authorisation parameters you require that would go in a normal authorisation URL (see Creating an Authorisation URL
- Put the parameters in a request body, the request should have content type of
- Add to the request the required authentication that you would use for the token end point. (See Authentication)
- Send the request to
- From the response, extract the
- Create the authorisation URL in the format:
Updated 3 months ago