When making requests to Moov from a browser, you can use OAuth with JSON Web Tokens (JWT).
Within your server-side application, you’ll generate a single-use access token containing information needed to communicate with your Moov account securely. Once you’ve generated this token, you can send it back to your client to use with Moov.js.
Moov.js is a browser client that collects PII data so you don’t have to be responsible for handling and storing sensitive customer information. Use Moov.js to expedite setting up your payments flow and streamline your interactions with the Moov API.
You can add Moov.js to your web application by including the script tag.
For each action you take you will need a unique short lived access token. The example below generates a token that can create a new account using the /accounts.write scope.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
import{Moov,SCOPES}from'@moovio/node';constmoov=newMoov({accountID:"YOUR_MOOV_ACCOUNT_ID",publicKey:"PUBLIC_KEY",secretKey:"PRIVATE_KEY",domain:"YOUR_DOMAIN"});constscopes=[SCOPES.ACCOUNTS_CREATE];try{const{token}=awaitmoov.generateToken(scopes);// Do something with token
}catch(err){// Handle any errors
}
A scope is a permission that determines the limits of what a specific account can do on another account. For example, you may want an account to request money from another account but not pull money from another account. In other instances, you may want to set the scope for an account only to receive money from other accounts.
To start paying others, you can set up others with Moov accounts. If you’d like to link a Moov account to an account in your system, you have the option to pass a foreign ID.
Use Moov.js to collect sensitive information from your users without handling the data on your servers.
1
2
3
4
5
6
7
8
9
10
11
12
13
constmoov=Moov(token);constaccount=awaitmoov.accounts.create({"accountType":"business","profile":{"business":{"legalBusinessName":"Whole Body Fitness LLC","businessType":"llc",}},"foreignId":"your-correlation-id","capabilities":["transfers"]})
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
constmoov=newMoov({accountID:"YOUR_ACCOUNT_ID",publicKey:"PUBLIC_KEY",secretKey:"PRIVATE_KEY",domain:"YOUR_DOMAIN"});constaccount=awaitmoov.accounts.create({"accountType":"business","profile":{"business":{"legalBusinessName":"Whole Body Fitness LLC","businessType":"llc",}},"foreignId":"your-correlation-id","capabilities":["transfers"]})
Capabilities indicate what the account is able to do. You can specify capabilities when the account is created, as shown above, or add them later.
Below we show the required scope for creating the access token for requesting capabilities. Replace {accountID} with the ID of the account you want to request the capability for. To learn more about capabilities or find out which ones you need, you can read more in the capabilities guide.
If you’re requesting send-funds, collect-funds, or wallet capabilities, that account will need to accept Moov’s terms of service. To do so, you’ll need to:
Use a server-side integration to move money. If you need to present options to the user on which payment methods to use, use the following to get a list of available payment methods based on account ID and amount.
A payment method specifies the way a Moov account will be moving money. There are several different methods for transferring money with Moov. For example, you can transfer money from the Moov wallet, or you might want to pull funds from another account through ACH debit. Before making a transfer, you will need to get a payment method.
Below we show the required OAuth scope for creating the access token in order to get a payment method.
importfetchfrom'node-fetch';constresponse=awaitfetch("https://api.moov.io/transfers",{method:"GET",headers:{"Authorization":`Bearer ${token}`,"Content-Type":"application/json"},body:{"source":{"paymentMethodID":"UID",},"destination":{"paymentMethodID":"UID",},"amount":{"value":100,"currency":"usd"},"description":"Paying Jules for last 4 classes"}});
You’ve just moved money! Take a look at webhooks to learn how to subscribe to events that take place in your Moov integration.
Once you’ve gotten set up, you can continue to make transfers or accept payments. You can also customize your account settings, add team members, and manage roles and permissions in the Moov dashboard. Feel free to explore our API reference to see example requests/responses or get more context on a particular endpoint.