Application access token and account access token


(Vivekkumar K) #1

Hi everyone i have a doubt regarding application access token and account access token ,with both iam able to create customer and able to transfer money between customer
so what is the difference between both access token??

Iam trying to implement transfer of money between user


(Spencer Hunter) #2

Hey @Vivekkumar_K, Dwolla has two different authorization flows. One for obtaining a user account access token and one for obtaining an application access token. I’ve provided a quick reference below that describes the difference between the two.

Dwolla’s authorization flows

The OAuth 2 protocol defines four main authorization grant types, or commonly referred to as OAuth flows. Dwolla implements two of the four grant types depending on how your application accesses data in the API.

  • Flow 1 (Co-branded): - Using the authorization code grant flow, your application will redirect the user to Dwolla (typically via a web browser) to authenticate and authorize your application. If the user grants permission, your application will be issued an access token that is used to make requests to the API on the user’s behalf. This is a browser based flow with interaction between an end-user, a third-party application, and the Dwolla API. Also known as 3-legged OAuth.
  • Flow 2 (White Label and/or Webhooks): - Using the client credentials grant flow, your application will obtain authorization to interact with the API on its own behalf. This is a Server-to-server flow with interaction between an application and the Dwolla API. Also known as 2-legged OAuth.

(Vivekkumar K) #3

Hi Spenser
Thanks for the reply,Actuall I want o transfer money between user, so what
type of access token I need and what is the flow of that, because I’m
confused, with application access token also I am able to create customer
and make transfer and with 3 leg oauth authorisation token(not for white
label customer) also I am able to create customer and initiate transfer,

My scenario is I have created an app where seller and buyer interact
seller is transferring money to buyer and vice versa what kind of access
token I need and what flow should I follow,and it’s and mobile app, white
label customer or contender solutions should I follow

Thanks
Vivek kumar k


(Amit K) #4

I have the same question as i am implementing a Company to users ACH payments. Can anyone throw some light on what is the difference between these two tokens?


(Spencer Hunter) #5

@amitk, you’ll want to use an application access token for all calls in the API. Reference our docs for more information on how to programmatically obtain this token.