Request format
Requests are to be sent via HTTP 1.1 using SSL (HTTPS) to the following address:<method_name>
Requests are authorized in accordance with The OAuth 2.0 Authorization Framework: Bearer Token Usage.
HTTP requests must have this header:
Authorization: Bearer <access_token>
Security requirements:
  1. All network interactions are transmitted only via HTTPS.
  2. The TLS version is 1.2 or later.
  3. The application should verify the validity of the server’s SSL certificate. If the SSL certificate did not pass verification, the session must be aborted immediately to prevent compromising the authorization data.
  4. Do not store the access token in unencrypted format, for example, as cookies.
  5. Never use the access token in request parameters (GET, POST etc).
Format for request parameters:
  • Key/value pairs, packed as HTTP 1.1 POST request parameters;
  • MIME type: application/x-www-form-urlencoded;
  • Encoding: UTF‑8.
Request example
POST /api/request-payment HTTP/1.1
Content-Type: application/x-www-form-urlencoded

See also
Response format Access token scope Data types