Obtain your API credentials
Once your application is created in the Developer Console, select it to find its API Key, User ID, and Account ID.Where to find them: the Developers page, inside the application you created. These credentials power API key authorization — primarily administrative calls and generating user access tokens.
Every Fluz API request uses a user access token in the Authorization header. You mint the token from your application’s clientId and clientSecret by calling the generateUserAccessToken mutation against the OAuth service.
Generate an access token
Use the token
Attach the token to every GraphQL request against the transactional graph:Refresh before expiry
Access tokens are short-lived. Request a new one before the current one expires — don’t wait for a401. See Refresh an Expired Access Token for the exact call, and Authentication for the full flow, including OAuth grants for customer-scoped tokens.
Next steps
Quickstart: your first gift card purchase
Run the full happy path end to end — deposit funds, buy a gift card, and reveal it in the sandbox.
Refresh an expired token
Swap a refresh token for a new access token without re-running the credential flow.