Skip to content

Authentication

Create an access token

Within your server-side application, you’ll generate a single-use access token that contains information needed to securely communicate with your Moov account. Once you’ve generated this token, you can use it to make calls from the server or send it back to your client to use with Moov.js.

Diagram showing token generation process

1
2
3
4
curl -X POST 'https://api.moov.io/oauth2/token' \
  -u 'client_id:client_secret' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=client_credentials'
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
const fetch = require('node-fetch');
const keys = Buffer.from(`${public_key}:${private_key}`).toString('base64');
const response = await fetch('http://api.moov.io/oauth2/token?grant_type=client_credentials', {
    method: 'POST',
    headers: {
        'Authorization': `Basic ${keys}`,
        'Content-Type': 'application/x-www-form-urlencoded'
    }
});
const data = await response.json();
const token = data.access_token;

Initialize Moov.js

Once you have the access token you can initialize moov.js in the browser by including the script and initializing Moov.

1
2
3
4
5
6
<head>
  <script type="text/javascript" src="https://js.moov.io/v1"></script>
  <script>
    const moov = Moov(token)
  </script>
</head>