Everything you can do in the dashboard can be done through the API. This includes creating and updating entities, creating and updating payment methods, and creating and updating invoices.
For this guide, we will be creating a simple endpoint that will generate a Mercoa token for the entity we created in the pervious step. This token can be safely passed to the client and used in your frontend application.
Creating a Token
Mercoa uses JSON Web Tokens to authenticate users. These tokens are generated using your API key and the entity's ID. The token can then be passed to the client and used to authenticate the user.
Let us create an endpoint that authenticates the user, generates a JWT with the user's
entityId, and return the generated token.
In the example below, we are using Mercoa's
foreignId support to find the entity linked to your customer.
This means you do not need to store the
entityId in your database.
Using the Token
Now that we have a token, we can use it to authenticate the user in our frontend application. Tokens have a default expiration of 24 hours, but you can change this by passing in the
expiresIn option when generating the token.