Redirecting the Merchant
Your application must redirect the merchant to Cybersource so that the merchant can log in with their Cybersource credentials and provide permissions for your application.
A merchant giving permissions to your application must log in as an Account Owner or Account Administrator.
After the merchant provides or denies permissions for your application, Cybersource redirects the merchant to the redirect URL that you provided when you registered. If the merchant attempted to grant permissions using an account with insufficient privileges, the redirect response is the same as when a merchant denies permission.
When you redirect the merchant to Cybersource, encode the URL with the following parameters as a query string:
Must be set to
The client ID that you received when you registered your application in the Business Center.
The page to which Cybersource redirects the merchant after the merchant grants your application permissions. The value of the
redirect_urlparameter must exactly match the redirect URL that you supplied during registration.
Value that is sent in the response to prevent malicious interception, such as a CSRF attack.
Sample Redirect for Testing
Sample Redirect for Production