BusinessPersonal
Documentation

Authenticate with MoneyGram

Suggest Edits

Authenticate using SEP-10. Required information:

  1. User’s integer ID (positive, ≤64 bits).
  2. MoneyGram’s authentication endpoint:
    1. Test: https://extstellar.moneygram.com/stellaradapterservice/auth
    2. Preview: https://previewstellar.moneygram.com/stellaradapterservicepreview/auth
    3. Production: https://stellar.moneygram.com/stellaradapterservice/auth
  3. MoneyGram’s public key:
    1. Testnet: GCUZ6YLL5RQBTYLTTQLPCM73C5XAIUGK2TIMWQH7HPSGWVS2KJ2F3CHS
    2. Preview/Production: GD5NUMEX7LYHXGXCAD4PGW7JDMOUY2DKRGY5XZHJS5IONVHDKCJYGVCL

Application’s authentication keypair.


Steps

  1. Request authentication challenge.
  2. MoneyGram provides challenge.
  3. Verify MoneyGram’s signature.
  4. Sign challenge with application’s key.
  5. Submit signed challenge.
  6. Receive session token.

import { Wallet, SigningKeypair } from "@stellar/typescript-wallet-sdk";

const wallet = Wallet.TestNet();

// Testnet
const MGI_ACCESS_HOST = "extstellar.moneygram.com";
// Mainnet
// const MGI_ACCESS_HOST = "stellar.moneygram.com";

// First we create an anchor object with MoneyGram's home domain.
const anchor = wallet.anchor({ homeDomain: MGI_ACCESS_HOST });

// Then we create the sep10 object which handles all the athentication steps.
const sep10 = await anchor.sep10();

// Finally, we authenticate using the wallet's SIGNING_KEY secret.
const authKey = SigningKeypair.fromSecret(AUTH_SECRET_KEY);
const authToken = await sep10.authenticate({ accountKp: authKey });

import requests
from stellar_sdk import Network
from stellar_sdk.sep.stellar_web_authentication import read_challenge_transaction

# Testnet
MGI_ACCESS_HOST = "extmgxanchor.moneygram.com"
# Pubnet
# MGI_ACCESS_HOST = "stellar.moneygram.com"

def get_token() -> str:
    query = f"{AUTH_URL}?account={AUTH_PUBLIC_KEY}&memo={USER_ID}"
    response = requests.get(query)
    body = response.json()
    challenge = read_challenge_transaction(
        challenge_transaction=body["transaction"],
        server_account_id=MGI_ACCESS_SIGNING_KEY,
        home_domains=MGI_ACCESS_HOST,
        web_auth_domain=MGI_ACCESS_HOST,
        network_passphrase=Network.TESTNET_NETWORK_PASSPHRASE
    )
    challenge.transaction.sign(AUTH_SECRET_KEY)
    post_body = {
        "transaction": challenge.transaction.to_xdr()
    }
    response = requests.post(f"{AUTH_URL}", json=post_body)
    response_body = response.json()
    return response_body["token"]

Updated about 1 month ago

What’s Next
Moneygram Logo
Media Center Privacy Center Terms of Use Become an agent MoneyGram Money Transfer
LinkedIn Facebook Instagram Twitter Youtube

Authorized to do business in all 50 states, D.C. and all U.S. territories, NMLS #898432. Licensed as a Money Transmitter by the New York State Department of Financial Services. Massachusetts Check Seller License #CS0025, Foreign Transmittal License #FT89432. MoneyGram. MoneyGram Payment Systems, Inc. is registered as a Money Services Business under FinCEN, Registration #. 31000221116940. MoneyGram and the Globe are marks of MoneyGram. All other marks are the property of their respective owners. © 2023 MoneyGram