Skip to main content
This endpoint returns an HTML login page and must be opened in a browser. It cannot be tested via API calls.

Endpoint

GET https://oauth.sandbox.dcash.africa/login

Query Parameters

app_id
string
required
Your application’s unique identifier provided during registration
redirect_url
string
required
The URL where users will be redirected after authentication

Try It Out

To test the OAuth flow, construct your URL and open it in a browser: 
https://oauth.sandbox.dcash.africa/login?app_id=YOUR_APP_ID&redirect_url=YOUR_REDIRECT_URL

Open OAuth Login (Test)

Opens with test values - modify the URL in your browser’s address bar with your actual credentials

How It Works

This endpoint initiates the OAuth 2.0 authorization flow:
1

Redirect User

Your application redirects the user to this DCash URL
2

User Authenticates

User authenticates with their DCash credentials and approves access permissions
3

Token Sent to Webhook

Upon successful authentication, DCash sends an authorization token to your pre-registered webhook endpoint
4

User Redirected

The user is redirected to your specified redirect_url

Authorization Token

The token will be sent to the webhook URL configured in your merchant account settings, not as a response from this endpoint.
Important Notes:
  • Store this token securely - it’s required for making API calls on behalf of the user
  • Tokens may be revoked by users through the DCash app or website
  • If a token becomes invalid, you’ll need to repeat the authorization flow

Security Recommendations

Follow these security best practices when implementing OAuth:
  • Always validate that redirect URLs match your expected domain
  • Use HTTPS for all redirect URLs
  • Store tokens securely using appropriate encryption

Webhook Payload

When authentication is successful, your webhook will receive this payload:
event
string
Type of event triggered (e.g., “user_authorized”)
user_email
string
Email address of the authenticated user
token
string
DCash token for subsequent API requests
Example Webhook Payload
{
  "event": "user_authorized",
  "user_email": "test.user@dcash.africa",
  "token": "dcash_token_example"
}

Example Implementation

Here’s how to redirect a user to initiate the OAuth flow: 
const appId = 'YOUR_APP_ID';
const redirectUrl = 'https://yourapp.com/callback';

// Redirect user to DCash OAuth endpoint
window.location.href = `https://oauth.sandbox.dcash.africa/login?app_id=${appId}&redirect_url=${encodeURIComponent(redirectUrl)}`;
After receiving the token via webhook, you can use it to make authenticated API requests on behalf of the user.