# Rewst Many MSPs use **Rewst** to automate workflows across PSA tools, billing systems, and third-party platforms. To enable automated invoice payments and customer operations via **Alternative Payments**, you’ll need to authenticate and interact with our API directly through Rewst using HTTP Request blocks. This guide walks you through how to **authenticate with the Alternative Payments API** inside Rewst, so you can securely trigger additional API calls from your workflows.

*** ## :notebook\_with\_decorative\_cover:How It Works Rewst supports HTTP requests through its workflow automation engine, allowing you to interact directly with external APIs like Alternative Payments. To integrate with our API: * **Authenticate using OAuth 2.0:** This authentication method is used to obtain secure, server-to-server access without user interaction. * **Obtain an access token:** Upon successful authentication, the API returns an `access_token` that is valid for a limited time. * **Authorize future requests:** Use this token in the `Authorization` header (`Bearer` format) to securely access other endpoints. * **Follow standard REST practices:** All API interactions are based on REST conventions, using JSON payloads, HTTP methods, and header-based authentication. *** ## :sparkles:Step-by-Step {% @arcade/embed flowId="JdbvBHxefpi2kUJBK2eP" url="" %} ### :closed\_lock\_with\_key: Step 1: Authenticate using HTTP Request Block 1. In your **Rewst workflow**, click **+** to add a new **HTTP Request** block. 2. Set **Request method** to `POST`. 3. Set **URL** to:

Environment	URL
Demo	`https://public-api.demo.alternativepayments.io/oauth/token`
Production	`https://public-api.alternativepayments.io/oauth/token`

\ In the **Body** section, use: ``` grant_type=client_credentials ```

Set the following **Headers**:

Header	Value
`Content-Type`	`application/x-www-form-urlencoded`
`Authorization`	`Basic` `your_base64_credentials`

#### :key: Base64 Credentials To generate the **base64** credentials: * Format your credentials as `clientId:clientSecret` {% hint style="info" %} You can find your `clientId` and `clientSecret` in the **Partner Dashboard** under the [api-keys](https://docs.alternativepayments.io/getting-started/quick-start/api-keys "mention") section. {% endhint %} * Go to [https://www.base64encode.org](https://www.base64encode.org/). * Paste the string and click **Encode**.
**Example**

Copy the result:

and paste it in the Authorization header as: ``` Basic base64_encoded_value ``` *** ### 🧪 Step 3: Test the Request 1. Click **Test** in the HTTP Request block. 2. Then click **View Result**. ✅ If successful, you will receive a JSON response containing:

{
  "access_token": "xxxxx",
  "token_type": "Bearer",
  ...
}

Copy the `access_token`. *** ### 🔁 Step 4: Use the Token in Future Requests For any additional API calls (e.g., Listing customers, fetching invoices), include Authorization as a header: ``` Authorization: Bearer access_token ```

#### **📌 Example endpoint:** **Request** ``` GET https://public-api.demo.alternativepayments.io/customers ``` **Response**

*** ## :map:Flow