On This Page
Redirect the Merchant
Your application must redirect the merchant to
Cybersource
so that the
merchant can log in with their Cybersource
credentials and provide permissions
for your application.IMPORTANT
A merchant giving permissions to your application must log in as an Account Owner or Account Administrator.
After the merchant provides or denies permissions for your application,
Cybersource
redirects the merchant to the redirect URL that you provided when you
registered. If the merchant attempted to grant permissions using an account with insufficient
privileges, the redirect response is the same as when a merchant denies permission. When you redirect the merchant to
Cybersource
, encode the URL with the
following parameters as a query string:Parameter Name | Required | Notes |
|---|---|---|
sub | Yes | Must be set to oauth . |
client_id | Yes | The client ID that you received when you registered
your application in the Business Center . |
redirect_url | Yes | The page to which Cybersource redirects
the merchant after the merchant grants your application permissions. The value of the
redirect_url parameter must exactly match the redirect URL that you
supplied during registration. |
state | No | Value that is sent in the response to prevent malicious
interception, such as a CSRF attack. |
Sample Redirect for Testing
https://businesscentertest.cybersource.com/ebc2/oauth/authorize?sub=oauth&redirect_url= https://www.example.com&client_id=yourClientId&state=StateValue
Sample Redirect for Production
https://businesscenter.cybersource.com/ebc2/oauth/authorize?sub=oauth&redirect_url= https://www.example.com&client_id=yourClientId&state=StateValue