5 minute read
May 3, 2022

Authentication with the DiVA API

The DiVA API enforces HTTP Basic Authentication on incoming requests, using the standard Authorization field in the header to hold your credentials. With each request, you must include an HTTP header with your application token as the username and your access token as the password. The response returns only data you are authorized to access based on the credentials you provide in your request.

Obtaining tokens

Marqeta distributes application tokens and access tokens directly to customers and partners. These tokens are static, meaning that you can reuse them indefinitely. To obtain your application and access tokens for the DiVA API, contact your Marqeta representative.

Reports in the Marqeta Dashboard access the same data endpoints as the DiVA API. You have the same permission level as you have in the Dashboard. In the Dashboard, you can generate your tokens for making API calls. To generate your tokens, see Reports.

Adding your program name

For DiVA API requests that retrieve program-specific data, you must include the program query parameter and specify the name of your program. You can specify more than one program, if applicable (for example, program=my_program1,my_program2). The DiVA API returns only data that you are authorized to access for the specified programs.

To obtain your program name, contact your Marqeta representative.

Sample cURL

This sample cURL command illustrates a request to the DiVA API that retrieves settlement transaction data. For this scenario, assume you are a Marqeta customer with access to a single production environment (my_program), your application token is my_application_token, and your access token is my_access_token.


Is this helpful?


Subscribe to our developer newsletter