Our ACH API uses Bearer Authentication to enforce authentication for all its incoming requests. Bearer Authentication (Token Authentication) is an HTTP authentication mechanism that involves security tokens generated by GrailPay servers.

If you have lost an API Key, please connect immediately with our support to block current API Key(s) and generate new one(s).

All API requests must be made over HTTPS. Calls made over HTTP will fail.

Common Authentication Errors & Warnings

{
    "status": false,
    "message": "Invalid token.",
    "data": null,
    "errors": null,
    "error_code": {
    "type": "client_error",
    "subtype": "unauthorized"
}

-----------------------------------------------------

{
    "status": false,
    "message": "Invalid token format. The token should be in the following format: ID|TOKEN_VALUE. Example: 12345|abcdefg",
    "data": null,
    "errors": null,
    "error_code": {
    "type": "client_error",
    "subtype": "invalid_token_format"
}

-----------------------------------------------------

{
    "status": false,
    "message": "Invalid token format. The ID in the token must be an integer. Example: 12345|abcdefg",
    "data": null,
    "errors": null,
    "error_code": {
    "type": "client_error",
    "subtype": "invalid_token_format"
}