Mobile API keys
Before you begin, you will need two distinct API keys for processing Android mobile transactions to ensure security and fraud prevention in case of mobile device theft or breach.
API key to request single-use tokens: For payment requests coming from mobile devices you need to retrieve single-use tokens from the Customer Vault. The single-use tokens are generated using this API key.
When you create a test account you get access to a web link that you can use to create the API key for single-use tokens. On a live system, to get the API key for single-use tokens, contact Customer Support to get enrolled for processing Android mobile transactions. Once your account is set up, you will need to do this initial configuration in our merchant back office. This key is not the same as the key used for server-to-server API requests.
API key for server-to-server API calls: Once a single-use token is retrieved – it is valid for a one-time use only – it is sent to your server. You must then use the API key for server-to-server API calls to send requests from your server to the Card Payments API in order to process the transaction, which will include the single-use token as a parameter.
Click here to see how these two API keys are used in the transaction flow.
You must register on our Developer Center to get your Test account and Test server-to-server API keys. The API keys consists of two elements:
- Key username
- Key password
The key username and key password are combined into a string separated by a colon to create an API Key – i.e., “username:password”.
If you have already registered, you can find these Test credentials when you sign in to the Merchant Back Office.