Skip to main content
1

Get your credentials

Your client ID and client secret are provided by Tesouro during onboarding. To request access, have your designated team lead submit an access request.
2

Get an access token

Exchange your credentials for a short-lived JWT:
curl --location 'https://api.sandbox.tesouro.com/openid/connect/token' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=client_credentials' \
  --data-urlencode 'client_id=YOUR_CLIENT_ID' \
  --data-urlencode 'client_secret=YOUR_CLIENT_SECRET'
3

Make your first API call

Use the token to call the GraphQL endpoint. For example, authorize a transaction:
curl --request POST \
  --url https://api.sandbox.tesouro.com/graphql \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
  --data '{
  "query": "mutation AuthorizeCIT($input: AuthorizeCustomerInitiatedTransactionInput!) { authorizeCustomerInitiatedTransaction(authorizeCustomerInitiatedTransactionInput: $input) { authorizationResponse { status: __typename transactionId paymentId } errors { ... on Error { message __typename } } } }",
  "variables": {
    "input": {
      "acceptorId": "YOUR_ACCEPTOR_ID",
      "transactionReference": "YOUR_UNIQUE_REFERENCE",
      "authorizationIntent": "FINAL_AUTHORIZATION",
      "channel": "ECOMMERCE",
      "paymentMethodDetails": {
        "cardWithPanDetails": {
          "expirationMonth": "09",
          "expirationYear": "2051",
          "accountNumber": "5188690009946204",
          "paymentEntryMode": "PAYMENT_METHOD_ON_FILE",
          "paymentChannel": "ECOMM",
          "securityCode": {
            "omissionReason": "VERIFICATION_NOT_REQUESTED"
          }
        }
      },
      "transactionAmountDetails": {
        "totalAmount": 100.99,
        "currency": "USD"
      },
      "automaticCapture": "NEVER"
    }
  }
}'

Next steps

  • Learn about authentication concepts and available methods
  • Explore the Sandbox environment for testing
  • Review the API concepts for environments, rate limiting, and pagination