Authentication
Terminal activation, OAuth bearer tokens, and device flow.
POST
/api/v1/activateActivate a terminal with a 6-digit code. Returns clientId, clientSecret, and tokenEndpoint for OAuth.
Auth: None (public)
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| activationCode | string | Yes | 6 alphanumeric characters |
Response Example
{
"configId": 123,
"terminalId": "TERM001",
"company": "Acme Coffee",
"userId": 42,
"clientId": "abc...",
"clientSecret": "shh...",
"tokenEndpoint": "https://payus.co.nz/api/v1/oauth/token",
"branchId": 17,
"terminalAccess": true
} SandboxCalls go to
https://payus.co.nzPOST
/api/v1/oauth/tokenExchange client credentials for a JWT bearer token.
Auth: Basic Auth (clientId:clientSecret)
Response Example
{
"token": "<jwt>",
"type": "Bearer",
"expiryDate": "2026-04-08T13:30:00Z"
} SandboxCalls go to
https://payus.co.nzAuthentication
POST
/api/v1/device/codeStart an OAuth device flow. Returns a user code for the operator to enter on a verification page.
Auth: None (public)
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| clientId | string | Yes | The terminal's client ID |
| deviceModel | string | No | e.g. 'Sunmi V2' |
| serialNumber | string | No | Device serial |
Response Example
{
"deviceCode": "long-opaque-code",
"userCode": "ABCD-1234",
"verificationUri": "https://payus.co.nz/device",
"expiresIn": 600,
"interval": 5
} SandboxCalls go to
https://payus.co.nz