Sokin Embedded API
  1. Guides
Sokin Embedded API
  • Getting Started
    • Sokin Definitions
    • Guides
      • Authentication
      • Receiving Payments
      • FX Payments
      • Payments
      • Unfunded Payments
      • Unfunded FX Payments
  • Authentication
    • Get Token
      POST
    • Get Token on behalf of corporate
      POST
    • Schemas
      • TokenResponse
  • Corporates
    • v2025-12-01
      • Create a new Corporate
      • Add an individual associate to a Corporate
      • Add a parent entity (corporate associate) to a Corporate
      • Request pre-signed URLs for Corporate onboarding document uploads
      • Request pre-signed URLs for beneficiary (associate) document uploads
      • Finalise corporate onboarding submission
    • Schemas
      • NumericRange
      • ApiResponse[AddIndividualAssociateResponse]
      • ApiResponse[AddAssociateDocumentsResponse]
      • ApiResponse[AddOnboardingDocumentsResponse]
      • AddOnboardingDocumentsResponse
      • AssociateDocumentPresignedUrlResponse
      • AssociateType
      • ErrorResponse
      • MessageResponse
      • FinaliseSubmissionResponse
      • AddParentEntityRequest
      • MoneyRange
      • AddOnboardingDocumentsRequest
      • ApiResponse[CreateCorporateResponse]
      • CreateCorporateRequest
      • CreateCorporateResponse
      • FinaliseSubmissionRequest
      • PresignedUrlResponse
      • OwnershipType
      • AddAssociateDocumentsResponse
      • ErrorDetail
      • AddIndividualAssociateRequest
      • UboDetails
      • AddParentEntityResponse
      • AddIndividualAssociateResponse
      • CorporateAssociateType
      • ApiResponse[AddParentEntityResponse]
      • AddAssociateDocumentsRequest
  • Corporate Currency Accounts
    • v2025-12-01
      • Get Corporate Currency Accounts
      • Get Corporate Currency Account By Reference
    • Schemas
      • ErrorResponse
      • PaginationInfo
      • ErrorDetail
      • ApiResponse[GetCCAByReferenceResponse]
      • GetCCAByReferenceResponse
      • GetCCAByReferenceResponsePayInDetail
      • GetCCAsResponseItem
      • PaginatedApiResponse[GetCCAsResponseItem]
  • Beneficiaries
    • v2025-12-01
      • Get Beneficiary Fields
      • Create External Beneficiary
      • Get Beneficiary List
      • Get Beneficiary Details
      • Delete Beneficiary
    • Schemas
      • ErrorResponse
      • FieldType
      • IdentifierType
      • TransactionTypeEnum
      • BeneficiaryType
      • AccountType
      • ApiResponse[BeneficiaryDetails]
      • ApiResponse[CreateExternalBeneficiaryData]
      • ApiResponse[DeleteBeneficiaryData]
      • ApiResponse[GetBeneficiaryFieldsResponse]
      • BeneficiaryField
      • BeneficiaryListItem
      • CreateExternalBeneficiaryData
      • CreateExternalBeneficiaryRequest
      • DeleteBeneficiaryData
      • GetBeneficiaryFieldsResponse
      • PaginatedApiResponse[BeneficiaryListItem]
      • StateOrProvince
      • PaginationInfo
      • PaginatedBeneficiaryFieldsResponse
      • ErrorDetail
      • BeneficiaryDetails
  • Instruction Requests
    • v2025-12-01
      • Get Instruction Request By Reference
      • Create Payment Instruction Request
      • Create Fx Instruction Request
      • Create Fx Payment Instruction Request
      • Create Unfunded Payment Instruction Request
      • Create Unfunded Fx Payment Instruction Request
    • Schemas
      • ErrorResponse
      • ApiResponse[CreateInstructionRequestResponse]
      • ErrorDetail
      • ApiResponse[GetInstructionRequestResponse]
      • CreateFXInstructionRequest
      • CreateFxPaymentInstructionRequest
      • CreateInstructionRequestResponse
      • CreatePaymentInstructionRequest
      • CreateUnfundedFxPaymentInstructionRequest
      • CreateUnfundedPaymentInstructionRequest
      • GetInstructionRequestResponse
  • Instructions
    • v2025-12-01
      • Get Instruction By Reference
    • Schemas
      • ErrorDetail
      • ErrorResponse
      • ApiResponse[GetInstructionResponse]
      • GetInstructionResponse
  • Foreign Exchange
    • v2025-12-01
      • Get Fx Rate
    • Schemas
      • ErrorResponse
      • FxRateData
      • FixedSide
      • ApiResponse[FxRateData]
      • ErrorDetail
      • FxRateRequest
  • Webhooks
    • Webhooks
    • v2025-12-01
      • Create Subscription
      • Update Subscription Status
      • Update Subscription
      • Delete Subscription
      • Get Subscription By Id
      • List Notification Logs
      • Retry Notification
    • Schemas
      • ApiResponse[CreateSubscriptionResponse]
      • NotificationStatus
      • ApiResponse[NotificationLogList]
      • NotificationAttemptResponse
      • ApiResponse[UpdateSubscriptionResponse]
      • NotificationLogList
      • ErrorResponse
      • NotificationLogResponse
      • SubscriptionCreateOrUpdate
      • SubscriptionStatusUpdate
      • CreateSubscriptionResponse
      • UpdateSubscriptionResponse
      • InstructionCreated
      • ErrorDetail
      • InstructionReqeustRejected
      • InstructionProcessedWebhook
      • InstructionRejectedWebhook
      • OnboardingRequestApproved
      • OnboardingRequestRejected
      • CorporateActivated
      • CorporateDeactivated
      • CorporateCurrencyAccountFundingReceived
      • WebhookSubscription
      • WebhookNotificationLogs
  1. Guides

Authentication

Sokin's API uses OAuth2 with the Client Credentials flow for server-to-server authentication.
The Client Credentials flow allows your application to authenticate using a Client ID and Client Secret to obtain an access token, which is then used to make authorized API requests.

Getting Started#

Prerequisites#

Before you begin, you'll need:
A Client ID
A Client Secret
API base URL: https://api-sokin.com

Authentication Steps#

Step 1: Obtain an Access Token#

Make a POST request to the token endpoint with your client credentials:
Endpoint:

Step 2: Use the Access Token#

Include the access token in the Authorization header of your subsequent API requests.

Step 3: Refresh When Expired#

Access tokens expire after 24 hours. When a token expires, repeat Step 1 to obtain a new access token. We recommend requesting a new token shortly before expiration to avoid service interruption.

Best Practices#

Secure Your Credentials: Never expose your Client Secret in client-side code or public repositories. Store credentials securely using environment variables or a secrets management system.
Cache Access Tokens: Don't request a new token for every API call. Cache the token and reuse it until it expires to reduce unnecessary requests.
Handle Token Expiration: Implement logic to detect expired tokens (401 Unauthorized responses) and automatically request a new token.
Use HTTPS: Always use HTTPS for all API requests to protect your credentials and tokens in transit.
Modified at 2025-12-05 13:29:35
Previous
Sokin Definitions
Next
Receiving Payments
Built with