API keys and authentication

The REST API provides 3 authentication mechanisms:

  • server to server credentials
  • javascript credentials
  • signature credentials

    Getting Your Authentication information

    Your can get your authentication inrforation from the merchant backoffice.

    In the Settings -> Shop section, select the REST API keys tab.

    The tab shows your keys in the Krypton API Keys section:

    img/keys.png

      Server to sever credentials

      The REST API uses HTTP Basic Access Authentication.

      To authenticate your web-service call, you need to add an additional HTTP Header to your request:

      Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l

      where QWxhZGRpbjpPcGVuU2VzYW1l is a base64 encoded string using the following pattern:

      $username:$password

      Basic authentication credentials are defined in the REST API tab:

      Credentials Description
      username HTTP basic authentication usename. It's the same value as the shop id.
      test password HTTP basic authentication password to use for test transactions.
      production password HTTP basic authentication password to use for production transactions. Never publish this password.

      See implementation examples in various languages.

        Javascript credentials

        You need to define a public key when the javascript library is loaded:

        Credentials Description
        test public key Public key used for test transactions.
        production public key Public key used for production transactions.

          Signature credentials

          If you want to validate transaction parameters posted by the payment form, then you also needSHA256 keys.

          There are two SHA256 keys available:

          Credentials Description
          SHA256 test key Use this key to validate kr_sha256 parameters for test transactions.
          SHA256 production key Use this key to validate kr_sha256 parameters for production transactions.

            I don't have an account yet

            Don't worry, we've got you covered. If you don't have any account yet, you can use the following demo keys:

            Credentials Value
            Test username 69876357
            Test password testpassword_DEMOPRIVATEKEY23G4475zXZQ2UA5x7M
            Test public key 69876357:testpublickey_DEMOPUBLICKEY95me92597fd28tGD4r5
            Test SHA256 key 38453613e7f44dc58732bad3dca2bca3