Freedom Pay
  1. Partner API
  2. Freedom ID
  3. OAuth2
Freedom Pay
  • Gateway API
    • Overview
    • Sync API
      • Overview
      • Purchase
        • Overview
        • Create payment
        • Any amount
        • Card
        • 3DSecure
        • Cancel
        • Clearing
        • Refund
        • Status
      • Payout
        • Overview
        • Card
        • IBAN
        • Balance
        • Status
      • Transfer
        • Overview
        • Card
        • 3DSecure
        • Rates
        • Status
      • Card
        • Overview
        • Add
        • 3DSecure
        • List
        • Remove
        • Status
      • Token
        • Overview
        • Token Pay
        • Apple Pay
        • Google Pay
        • Token Payout
        • Status
    • Async API
      • Overview
      • create
        • create payment
        • create payment recurrent
      • read
        • read payment
        • read request
      • edit
        • edit payment.refund
        • edit payment.reverse
        • edit payment.clearing
      • delete
  • Merchant API
    • Overview
    • Purchase
      • Overview
      • Checkout
      • JS SDK
      • Create payment
      • Any amount
      • Cancel payment
      • Clearing
      • Refund payment
      • Status
    • Payout
      • Overview
      • Create payment
      • IBAN
      • Balance status
      • Status by order_id
      • Status by Payment ID
      • Status by Payment ID V2
    • Mobile balance
      • Overview
      • Init
      • Pay
      • Approve
      • Resend code
      • Status
    • Card
      • Overview
      • Add
      • Add for payout
      • Remove
      • List
      • Status
    • Token
      • Overview
      • Saved card with CVC input (Init)
      • Saved card with CVC input (Pay)
      • Non-acceptance payments
      • Non-acceptance payments (Pay)
      • Token payout
      • Status
    • Invoice
      • Overview
      • Init
      • Info
      • Pay
      • Status
    • ATM
      • Request for payment generation
      • Withdraw request
      • Request for the status of the operation
    • Additional
      • Overview
      • Check request
      • Result notify
      • Payout notify
      • Redirect back
  • Card API
    • Overview
    • Payment Cards
      • Overview
      • Dictionaries
      • Bulk issue
      • Issue card
      • Issue plastic card
      • Activate card
      • Block card
      • Unblock card
      • Set PIN
      • Reset PIN counter
      • Close card
      • Update client
      • Card info
      • Balance
      • Secret data
      • Statement
      • Statement extended
      • Create client
      • Edit client
      • Сards' list
      • Request' status
      • Create transaction
      • Clearing transaction
      • Refund transaction
      • Transaction request' status
      • Transaction info
    • Gift Cards
      • Overview
      • List
      • Issue
      • Confirm
      • Resend
      • Resend code
      • Status
  • Partner API
    • Rates
      • Overview
      • Rates
    • Products
      • Overview
      • Dictionaries
      • Add client with product
      • Request status
    • E-Money
      • Overview
      • Add
      • Owner identification
      • Info
      • Close
      • Block
      • Balance
      • Statement
      • Request Status
    • Freedom ID
      • Overview
      • Design
      • iOS SDK
      • Android SDK
      • OAuth2
        • Authorization link
          POST
        • Token exchange
          POST
        • Token refresh
          PATCH
        • User info
          GET
        • Request profile
          POST
        • Get profile status
          GET
      • OIDC
        • Authorization endpoint
        • Token exchange
        • Userinfo
      • Error codes
      • Examples
        • Keycloak
    • IMTS "Leskar"
      • Overview
      • Token Generation
      • Token Refresh
      • Agent List
      • Fee Calculation
  • Mobile SDK
    • Payment SDK
      • iOS
      • Android
    • Freedom QR
      • Reader SDK (Android)
      • Provider SDK (Android)
  • CMS
    • Overview
    • Get Merchant ID and key
    • WordPress
      • Overview
      • Installation
      • Configuration
      • Test
      • Live payments
      • Update
    • Tilda
      • Overview
      • Installation
      • Configuration
      • Test
      • Live payments
    • InSales
      • Overview
      • Installation
      • Configuration
      • Test
      • Live payments
    • Ecwid
      • Overview
      • Installation
      • Configuration
      • Test
      • Live payments
    • Bitrix
      • Overview
      • Installation
      • Configuration
      • Test
      • Live payments
    • PrestaShop
      • Overview
      • Installation
      • Configuration
      • Test
      • Live payments
    • OpenCart
      • Overview
      • Installation
      • Configuration
      • Test
      • Live payments
  1. Partner API
  2. Freedom ID
  3. OAuth2

Token exchange

POST
https://passport.freedompay.kz/api/v1/oauth/token
oauth2
When a user consents to provide the requested access rights, Freedom ID redirects the user to the specified redirect_uri with an appended authorization_code parameter.
This one-time code must be exchanged for an access_token and refresh_token for subsequent operations.
If the transferred URL is not empty, it can be called by the FreedomID side after the end of the user's main session.
This is necessary so that the user has the opportunity to recall all sessions on the partner side after logging out of the FreedomID personal account.
When calling this URL, the POST method is used, the following structure is transferred in the request body:
{
    "id": "{TOKEN_ID}"
}
The partner makes a decision on his side and can revoke the session that was opened within the framework of this token.

Request

Authorization
Send your HTTP requests with an
Authorization
header that contains the word Basic followed by a space and a base64-encoded string {{Username}}:{{Password}}
Example:
Authorization: Basic *****************
Body Params application/json
authorization_code
string 
required
Authorization code received after the successful user authentication.
revoke_uri
string <URL>
optional
Callback link after access token is revoked.
Example
{
  "authorization_code": "your_authorization_code"
}

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://passport.freedompay.kz/api/v1/oauth/token' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic Og==' \
--data-raw '{
  "authorization_code": "your_authorization_code"
}'

Responses

🟢200Success
application/json
Body
id
string <uuid>
required
Access token unique identifier (UUID)
access_token
string <[a-zA-Z0-9]{128}>
required
Access token used for authentication in requests to protected resources. The token is valid for 7 days from the request date. In subsequent requests in FID, this field is referred to as client_access_token.
refresh_token
string <[a-zA-Z0-9]{128}>
required
Refresh token used to obtain a new access token. The token is valid for 1 month from the request date.
access_expire_at
string <Datetime:ISO-8601>
required
Expiration time of the access token
refresh_expire_at
string <Datetime:ISO-8601>
required
Expiration time of the refresh token
Example
{
  "id": "01953bce-e652-702c-a706-c389e30ebc01",
  "access_token": "RTtW2Q2EU2zKl8PdBFZIjQZzo3ZuUaClyxZasDjnlPWV4tcQVHJlN5stG4LMjC6Vg6VcBGi9ajUfLWRYn4AVR07fwmkbdi0JbGG39UFFeuS4QXsO4ZU5SdUKBNmzeuV9",
  "refresh_token": "vOrJ9DgKXiBgTkeh1zVZKMsE1Qo8TNJCNo7DTDD3tjvqiMAaP4qbEdNDz34fiUEVkoVSJKMPOjWEVPXOhKeAEPTgbWBYOjur0Qlid2XhwqGMqVrkUN5LHCZIPnaLUzeO",
  "access_expire_at": "2025-03-04T06:32:50.000000Z",
  "refresh_expire_at": "2025-03-25T06:32:50.000000Z"
}
Modified at 2025-03-05 12:03:54
Previous
Authorization link
Next
Token refresh