The keys to our API castle are public and private.
To authenticate your calls to the PaymentSpring REST API, you’ll need to use an API key. PaymentSpring accounts have two sets of keys, test and live, each with a private key and a public key. The public key is a key that is used on web pages and forms for to create a token, and can be safely exposed to the public as it has no access to sensitive data. The private key is the key that you will use to authenticate with the API for all other calls. You should protect the private key and never expose it to anyone you do not want accessing all your data.
When using the REST API, the API key is accepted through the username in the HTTP basic auth credentials system. No HTTP basic auth password is required. For example, a curl command to the API might be:
$ curl -u private-api-key: -XPOST https://api.paymentspring.com/api/v1/charge \ -d card_number=4111111111111111 -d card_exp_month=8 -d card_exp_year=2018 \ -d amount=2000
as the -u option in curl sets the HTTP basic auth credentials. Adding a colon after the username prevents curl from asking for a password.
Where can I get my API keys?
API keys can be found in the virtual terminal.
- Log in to manage.paymentspring.com.
- Click Account in the navigation menu on the left.
- You’ll see your current API keys at the bottom of the page. We only allow these keys to show once for security reasons.
- Click Generate New Keys. You can choose to expire the current keys now or in 1 hour.
- You will see the new set of keys. Save them now, for they will be starred out the next time you visit this page.
Once you have activated your account, you will see the live set of keys as well as the test keys. Both can be used whenever you like; you do not need to leave the virtual terminal in live mode in order to make calls to the API using the live keys. Essentially, these keys are associated to accounts for two different merchants: a test merchant and a live merchant both associated to your PaymentSpring account.
Have any feedback on this page? Let us know!