openapi: 3.1.0
info:
  title: Monnify Authentication API
  description: >
    Exchange Monnify API key and secret credentials for a short-lived Bearer
    access token. Every other Monnify endpoint requires the access token
    returned by POST /api/v1/auth/login as Authorization: Bearer
    {accessToken}. Tokens expire after one hour and must be re-issued.
  version: '1.0'
  contact:
    name: Monnify Developer Support
    url: https://developers.monnify.com
  license:
    name: Moniepoint Terms of Service
    url: https://moniepoint.com/ng/terms-of-service
servers:
  - url: https://api.monnify.com
    description: Production
  - url: https://sandbox.monnify.com
    description: Sandbox
security:
  - BasicAuth: []
tags:
  - name: Authentication
    description: Obtain a Bearer access token for the Monnify API.
paths:
  /api/v1/auth/login:
    post:
      summary: Monnify Log In And Issue Access Token
      description: >
        Authenticate with Basic auth using your API key as the username and
        your secret key as the password. Returns an OAuth-style accessToken
        and expiresIn (seconds). Cache the token until expiry to avoid
        re-authenticating on every call.
      operationId: monnifyLogin
      tags:
        - Authentication
      security:
        - BasicAuth: []
      responses:
        '200':
          description: Access token issued successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LoginResponse'
              examples:
                Default:
                  $ref: '#/components/examples/LoginResponseExample'
        '4XX':
          $ref: '#/components/responses/ErrorResponse'
components:
  securitySchemes:
    BasicAuth:
      type: http
      scheme: basic
      description: Basic auth using API key as username and secret key as password.
  schemas:
    LoginResponseBody:
      type: object
      properties:
        accessToken:
          type: string
          description: Bearer access token; place in the Authorization header on every subsequent Monnify call.
        expiresIn:
          type: integer
          description: Token lifetime in seconds (typically 3600).
    LoginResponse:
      type: object
      properties:
        requestSuccessful:
          type: boolean
        responseMessage:
          type: string
        responseCode:
          type: string
        responseBody:
          $ref: '#/components/schemas/LoginResponseBody'
    Error:
      type: object
      properties:
        requestSuccessful:
          type: boolean
          example: false
        responseMessage:
          type: string
        responseCode:
          type: string
        responseBody:
          type: object
  responses:
    ErrorResponse:
      description: Authentication failed.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  examples:
    LoginResponseExample:
      summary: Successful login
      value:
        requestSuccessful: true
        responseMessage: success
        responseCode: '0'
        responseBody:
          accessToken: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJNS19QUk9EXzAxIn0.x
          expiresIn: 3600