Payment Auth Token

Shift4 Marketplace helps 3rd-party consumers to get the payment auth token after an app installation in location completes. The 3rd-party can exchange the auth token to the access token on their end via i4go interface.

Terminology

Name Description
Auth Token It is issued for a specific Merchant & 3rd-party combination by the Lighthouse Transaction Manager (LTM).

Notes:
  • The token has an expiration
  • The token might be used only once (exchanging it to the i4go access token)
Access Token 3rd-party is using Merchant specific "accessToken" to process the Merchant payments over i4go gateway;
3rd-party issued it by exchanging "auth token" to the "access token" on their side.

Notes:
  • The token doesn't have an expiration
  • The token might be revoked in (LTM)
  • The token is related to 3rd-party interface version & name

Access Token Exchange Flow

Access Auth exchange sequence diagram

  1. Conecto API sends a subscription event after app installation completes
  2. 3rd party consumer retrieves Auth Token
  3. Conecto API retrieves Auth Tokens from Lighthouse API
  4. 3rd party consumer exchanges the Auth Token to the Access Token.

Shift4 Marketplace API

Get Payment Auth Token by guid

Retrieve the Payment Auth Token by guid

GET /payments/v1/{locationId}/auth-tokens/{guid}

Response 200

Resolves with the token

{
  "guid": "string",
  "token": "string",
  "createdAt": "2025-06-04T12:38:47.130Z"
}

Response 404

Token not found

Response 409

Token expired

Response 500

Unexpected error

Definitions

Payment Auth Token

Payment Auth Token data structure

Name Type Description
guid* string The guid generated by Developers Marketplace to identify the token
token* string The payment auth token value
createdAt* string Token creation time and date (ISO 8601)

results matching ""

    No results matching ""