The REST API provides 3 authentication mechanisms:
- server to server credentials
- signature credentials
Your can get your authentication inrforation from the merchant backoffice.
In the Settings -> Shop section, select the REST API keys tab.
The tab shows your keys in the Krypton API Keys section:
The REST API uses HTTP Basic Access Authentication.
To authenticate your web-service call, you need to add an additional HTTP Header to your request:
Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l
where QWxhZGRpbjpPcGVuU2VzYW1l is a base64 encoded string using the following pattern:
Basic authentication credentials are defined in the REST API tab:
|username||HTTP basic authentication usename. It's the same value as the shop id.|
|test password||HTTP basic authentication password to use for test transactions.|
|production password||HTTP basic authentication password to use for production transactions. Never publish this password.|
|test public key||Public key used for test transactions.|
|production public key||Public key used for production transactions.|
If you want to validate transaction parameters posted by the payment form, then you also needSHA256 keys.
There are two SHA256 keys available:
|SHA256 test key||Use this key to validate kr_sha256 parameters for test transactions.|
|SHA256 production key||Use this key to validate kr_sha256 parameters for production transactions.|
Don't worry, we've got you covered. If you don't have any account yet, you can use the following demo keys:
|Test public key||69876357:testpublickey_DEMOPUBLICKEY95me92597fd28tGD4r5|
|Test SHA256 key||38453613e7f44dc58732bad3dca2bca3|