Authentication

πŸ‘‹

Please get in touch

If you would like access to our staging environment to begin interacting with our APIs, please get in touch with your implementation manager, or at [email protected] so we can provide you with API credentials

YouLend uses the Client Credentials flow from OAuth 2.0 to secure the API endpoints.

To request an access token for any of the APIs, perform a POST operation to one of the following endpoints:

LocationStaging URLProduction URL
Europehttps://youlend-stag.eu.auth0.com/oauth/tokenhttps://youlend.eu.auth0.com/oauth/token
USAhttps://youlend-stag.eu.auth0.com/oauth/tokenhttps://youlend-us.us.auth0.com/oauth/token

The payload of the request should be in the following format:

curl --request POST \
--url 'https://youlend-stag.eu.auth0.com/oauth/token' \
--header 'content-type: application/json' \
--data grant_type=client_credentials \
--data client_id=YOUR_CLIENT_ID \
--data client_secret=YOUR_CLIENT_SECRET \
--data audience=API_IDENTIFIER

The data audience is relating to the identifier of the API you want to interact with.

Europe audience URLs

IdentifierStaging audience URLProduction audience URL
Onboardinghttps://staging.youlendapi.com/onboardinghttps://youlendapi.com/onboarding
Notificationhttps://staging.youlendapi.com/notificationhttps://youlendapi.com/notification
Prequalificationhttps://staging.youlendapi.com/prequalificationhttps://youlendapi.com/prequalification
Loanhttps://staging.youlendapi.com/loanhttps://youlendapi.com/loan
Preapprovalhttps://staging.youlendapi.com/preapprovalhttps://youlendapi.com/preapproval

USA audience URLs

IdentifierStaging audience URLProduction audience URL
Onboardinghttps://staging.youlendapi.com/onboardinghttps://youlendapi.us/onboarding
Notificationhttps://staging.youlendapi.com/notificationhttps://youlendapi.us/notification
Prequalificationhttps://staging.youlendapi.com/prequalificationhttps://youlendapi.us/prequalification
Loanhttps://staging.youlendapi.com/loanhttps://youlendapi.us/loan
Preapprovalhttps://staging.youlendapi.com/preapprovalhttps://youlendapi.us/preapproval

The successful response (200) contains a signed JSON Web Token (JWT), the token's type (which is Bearer), and in how much time it expires in Unix time (86400 seconds, which means 24 hours).

{
  "access_token":"eyJz93a...k4laUWw",
    "token_type":"Bearer",
      "expires_in":86400
}

🚧

Be aware

Tokens are valid for 24 hours. Please wherever possible store a token each day and re-use it instead of requesting multiple tokens per day. You can use the expires in property to help you manage this

Your application must pass the retrieved Access Token as a Bearer token in the Authorisation header of all API requests. For example:

curl -X POST "https://partners.staging-youlendapi.com/onboarding/leads"
-H 'authorization: Bearer ACCESS_TOKEN' \
-H "accept: application/json"
-H "Content-Type: application/json"
-d "REQUEST_DATA"

πŸ‘

Try it out

You can also add the bearer token for an API directly in the API reference for each endpoint next to the 'Try it' button to try the operations without leaving this site