The PCI Proxy APIs require different authentication methods depending on the called API:
API Key - is used only for the following endpoints:
Basic Authentication - is used for all other endpoints.
See an overview below about which authentication method should be applied to protect your requests.
Use your API key as the value for the
pci-proxy-api-key HTTP header to send PULL/PUSH requests.
It is possible to create and name multiple API keys each project.
You can obtain the API key menu within the Developers menu item in the Project section in the Dashboard.
If you don’t have an administrator role you may not have access to view your API keys in the Dashboard. Contact someone of your organisation with appropriate access and ask to be added with required rights.
Generate the Basic Authentication HTTP header using:
API Username / Merchant ID as the basic authentication username value
API Password as the basic authentication password value
You can obtain those values within the Developers menu item in the Project section in Dashboard.
Create a base64 encoded value of API Username and API Password (most HTTP clients are able to handle the base64 encoding automatically) and submit the Authorization header with each request. For example:
base64(merchantId:password) = MTAwMDAxMTAxMTpYMWVXNmkjJA==
Authorization: Basic MTAwMDAxMTAxMTpYMWVXNmkjJA==