Making a request to the Kopo Kopo API

Once your application obtains an access token, it can be used to access protected resources in the Kopo Kopo API. If using an account access token, access to protected resources is limited to the scopes contained on an access token, and whether or not the token is valid (expired or revoked token).

Here is an example of an API request. Note that OAuth access tokens are passed via the Authorization HTTP header: Authorization: Bearer {access_token_here}

POST https://sandbox.kopokopo.com/api/v1/webhook_subscriptions
Content-Type: application/json
Accept: application/json
Authorization: Bearer myApplicationAccessToken

{
  "event_type": "buygooods_transaction_received",
  "url": "https://myapplication.com/webhooks",
  "scope": "till",
  "scope_reference": "555555"
}

... or ...

GET https://sandbox.kopokopo.com/webhook_subscriptions/a84222d5-31d2-4290-9a96-089813ef96b3
Accept: application/json
Authorization: Bearer myApplicationAccessToken

Assuming the access token is valid, the Kopo Kopo API will return a success or error response. If the access token is expired or invalid, the API will return an HTTP 401 with either a “InvalidAccessToken” or “ExpiredAccessToken” error. Learn more about making requests in our API docs.