API Setup

Authentication and Environment

Authentication

Brick APIs use short-lived, one-time public access tokens for API authentication. Each token is valid for a single request and expires within 5 minutes of generation.

This authentication flow applies to general Brick APIs that use the publicAccessToken header. QR Code SNAP APIs use a separate SNAP B2B access token flow under QR Code SNAP.

Key Points

A token generated for one API request cannot be reused for another request.
Each API call requires a newly generated token, even when you are performing the same operation repeatedly.
Tokens are valid for 5 minutes after generation. After the token expires, generate a new token before retrying the request.

👍 Best Practice

Generate a new public access token immediately before each API request. This keeps the integration resilient when requests are retried, delayed, or queued.

Available Environments

Brick provides two separate environments for development and production use cases.

To generate and manage your API credentials for each environment, log in to the Brick Dashboard, open the Configuration menu, and select the API Credentials tab.

Environment	Base URL	Purpose
Sandbox	https://sandbox.onebrick.io/v2	Use this environment for testing and development. It simulates live behavior using mock data.
Production	https://api.onebrick.io/v2	Use this environment for live applications connected to real financial institutions.

🚧 Important Notes

Credentials are different for each environment. Make sure you use the correct client_key and client_secret for the environment you are working in.

Transactions in the Sandbox environment do not affect real accounts or institutions.

Before switching to Production, make sure your integration has been tested in Sandbox.

Last modified on June 17, 2026

Prepare Yourself to Use API Generate Public Access Token

Authentication

Brick APIs use short-lived, one-time public access tokens for API authentication. Each token is valid for a single request and expires within 5 minutes of generation.

This authentication flow applies to general Brick APIs that use the publicAccessToken header. QR Code SNAP APIs use a separate SNAP B2B access token flow under QR Code SNAP.

Key Points

A token generated for one API request cannot be reused for another request.

Each API call requires a newly generated token, even when you are performing the same operation repeatedly.

Tokens are valid for 5 minutes after generation. After the token expires, generate a new token before retrying the request.

👍 Best Practice

Generate a new public access token immediately before each API request. This keeps the integration resilient when requests are retried, delayed, or queued.

Available Environments

Brick provides two separate environments for development and production use cases.

To generate and manage your API credentials for each environment, log in to the Brick Dashboard, open the Configuration menu, and select the API Credentials tab.

Environment

Base URL

Purpose

Sandbox

https://sandbox.onebrick.io/v2

Use this environment for testing and development. It simulates live behavior using mock data.

Production

https://api.onebrick.io/v2

Use this environment for live applications connected to real financial institutions.

🚧 Important Notes

Credentials are different for each environment. Make sure you use the correct client_key and client_secret for the environment you are working in.
Transactions in the Sandbox environment do not affect real accounts or institutions.
Before switching to Production, make sure your integration has been tested in Sandbox.

Last modified on June 17, 2026