This version of the API uses a different base URL to that of the stable one. The base URL for this version is: https://api.tryterra.co/v2/
Note that authorization is separate for the v1 and v2 versions of the API, therefore a user must authorize for each independently.
Terra authenticates your API requests using your API key, and developer ID - both of which are generated by us.
Your API key should always be provided in the X-API-Key header unless endpoint documentation explicity states that it should not be included.
Terra will - in all requests made to your webhooks, and all responses returned from the service - include a header - terra-signature - which will contain a hash value unique to your developer ID and can be used to verify that the request and/or response came from our servers. The signature hash will be provided to you along with your developer ID when it is created.
Upon successfull authentication, a payload will be sent to the webhook indicating that the user has been authenticated. The payload will adhere to the following schema:
If the user does not grant us access to all the requested scopes, or they refuse our application access to their account(s) all together, we will redirect them to an authentication failure page and delete their user details from our database as well as revoking any tokens stored for that account where applicable. A payload will also be sent to your webhook indicating that the authentication process failed for the given user. It will adhere to the following schema: