ZedPay
Authentication
Deposits APIDisbursements API
Authentication
Deposits APIDisbursements API
  1. Authentication
  • Getting started
  • Authentication
  • Calling ZedTech APIs
  • API Keys
  • Request auth token
    POST
  1. Authentication

Getting started

Welcome to the ZedTech developer platform.
This guide helps you make your first authenticated API request to ZedTech. Our APIs use OAuth 2.0 with JWT access tokens signed by our authorization server.

Overview#

Authentication flow:
1.
Obtain an API Key
2.
Request an OAuth Access Token
3.
Call ZedTech APIs using the Bearer Token
4.
APIs validate tokens using the JWKS endpoint
Auth Server:
https://api.kumusoft.xyz
JWKS Endpoint:
https://auth.zed.co.ug/.well-known/jwks.json

Step 1 — Obtain an API Key#

Before you can authenticate, you must obtain an API Key from ZedTech.
Example:
API_KEY=zed_d1d2f3e4r5e6f7fh8g9
Treat your API key like a password.
• Never expose it in frontend code
• Store it in environment variables

Step 2 — Request an Access Token#

Use the OAuth client_credentials flow to obtain a token.
Token endpoint:
POST https://api.kumusoft.xyz/auth/token
Example:
Example response:
{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600
}

Step 3 — Call an API#

Include the token in the Authorization header.
Example:
Next
Authentication
Built with