As mentioned above, Gini Pay API supports different authentication flows, depending on the use case. API differentiates between anonymous and derived users. Client credentials you received when you registered your application support either derived or anonymous user flows. Make sure to follow our security guidelines on how to secure your data.
Anonymous users are identified by username and password. You create them explicitly for your untrusted devices
Derived users are identified by their username only, specified by
X-User-Identifierheader. The value is up to you, usually a stable hash of your internal user identifier. Derived user is automatically created if it doesn't exist already. It is unique for the client
There are currently 4 different authentication flows possible with our API.