Authentication
API People APIs use OAuth 2.0 to authenticate HTTP requests, the industry‑standard protocol for authorization.
All requests need to include authorization headers such as Authorization, and x-correlation-id. The following code snippet shows an example of a request, including the authentication headers.
POST /api/v1/payments
Host: dev.api.api-peoplebankus.com
Authorization: <Bearer YOUR_ACCESS_TOKEN>
x-correlation-id: <Your X-Correlation-ID>
Content-Type: application/json
You can retrieve your Authorization token using the Oauth 2.0 API. On the other hand, the X-correlation-id is composed of up to 32 characters. Check the Correlation ID section for additional information.
Correlation ID
The x-correlation-id is a UUID (Universally Unique Identifier) that complies with RFC 4122. It allows end‑to‑end tracing of API requests across distributed systems. API People echoes the same value back in the response so you can correlate requests with responses.
It is formatted as 32 hexadecimal digits, displayed in 5 groups separated by hyphens in the form xxxxxxxx-xxxx-Mxxx-Nxxx-xxxxxxxxxxxx. See the example below:
x-correlation-id: f47ac10b-58cc-4372-a567-0e02b2c3d479
For certain write or update operations, this header also serves as an idempotency key. Including the same UUID on retry ensures you do not create duplicate resources.
Requirements
API People client must:
- Generate a new UUID for each request.
- Include the UUID in the
x-correlation-idheader. - For idempotent operations, keep this value unique per logical operation to avoid unintended side effects.
- Use this identifier to track or reference specific transactions in your logs or audits.
Refer to the Error Codes page to learn about the HTTP status codes and error response payloads returned by API People APIs.