Follow this guide step by step to make sure that your tokens are correctly generated.

As specified in the 1o ⇠ Merchant page, the 1o API will accept (and in some cases, expect you to generate) v2.local tokens.

For this example we will assume the following payload, key ID, and shared secret:

Now we have everything we need to generate a token using the PASETO library of our choice. Passing all of the above should yield a valid token:

version = 'v2'
purpose = 'local'
payload = '{"exp":"2023-11-03T14:50:30Z","iat":"2023-11-03T14:50:30Z"}'
shared_secret = 'kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk'
footer = '{"kid":"0a315660-4bb7-4228-9408-f4300733066f"}'

generate_paseto_token(version, purpose, payload, shared_secret, footer)

# => 'v2.local.R17UZaSjwDIOVGvfPfpZl3ff5mUOViu0we2uutl9VKSxyxCz_XlECXiolPl3Yh1A-lcfNQAYTb4-BiGQXCMP5SNa5yUrTyiy_kwFrLaV0pi2Q-6LZwPJdgX_mrnBS2OrOkdZ.IntcImtpZFwiOlwiMGEzMTU2NjAtNGJiNy00MjI4LTk0MDgtZjQzMDA3MzMwNjZmXCJ9Ig'

Use the above values to verify token generation. Using the exact inputs should yield the same token.

For maintainers: When updating the tokens in this guide consult this code snippet.