Authenticate and obtain JWT token
Obtain a JWT access token for API access. This is the entry point for all API interactions. The token must be included in the Authorization header of all subsequent API calls as a Bearer token.
Rate limited to 10 requests per minute per IP address. This endpoint does not require prior authentication.
Request Body
application/json
API username provided by M2P during onboarding
API password provided by M2P during onboarding
passwordResponse Body
application/json
application/json
application/json
curl -X POST "https://api.m2p.com/auth/login" \ -H "Content-Type: application/json" \ -d '{ "username": "acme_api_user", "password": "s3cur3P@ssw0rd" }'{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"user": {
"id": "604d5f1e8a2b3c001f8e4567",
"username": "acme_api_user",
"entityId": "ACMEBANK",
"role": "ISSUER_API"
}
}{
"error": "Invalid credentials",
"code": "AUTH_001"
}{
"error": "Rate limit exceeded",
"code": "AUTH_008"
}Testing
Test cards, test mobile numbers, and sandbox environment details for development and integration testing.
Credit funds to a wallet (load money) POST
Load funds into a customer wallet. This API credits the specified amount to the wallet associated with the provided kit number. Idempotent on the externalTransactionId field. If the same externalTransactionId is sent again, the system returns the original transaction result without processing a duplicate credit. The transactionType field indicates the nature of the credit. Common values are M2C (merchant-to-customer transfer), LOAD (wallet loading), and REFUND (refund of a previous purchase). The amount must be a positive number. Currency defaults to INR if not specified.