API Overview

Getting Started with REST Developer Guide
- Recent Revisions to This Document

Introduction

How to Set Up REST

Set Up JWT Message Using P12 Certificate
- Step 1: Sign Up for a Sandbox Account
- Step 2: Create or Submit a P12 Certificate
- Step 3: Construct Messages Using JSON Web Tokens
- Step 4: Enable Message-Level Encryption
- Step 5: Test Your Setup
- Step 6: Going Live

Set Up JWT Message Using Shared Secret Key Pair
- Step 1: Sign Up for a Sandbox Account
- Step 2: Create a Shared Secret Key Pair
- Step 3: Construct Messages Using JSON Web Tokens
- Step 4: Enable Message-Level Encryption
- Step 5: Test Your Setup
- Step 6: Going Live

Set Up JWT Message Using REST SDK
- Step 1: Sign Up for a Sandbox Account
- Step 2: Create Security Key
  - Create P12 Certificate
  - Create Shared Secret Key Pair
- Step 3: Create REST–API Response Key
- Step 4: Install REST SDK
- Step 5: Test Your Setup
- Step 6: Going Live

Set Up HTTP Signature Message [DEPRECATING]
- Step 1: Sign Up for a Sandbox Account
- Step 2: Create a Shared Secret Key Pair
- Step 3: Construct Messages Using HTTP Signature Security
- Step 4: Test Your Setup
- Step 5: Going Live

VISA Platform Connect: Specifications and Conditions for Resellers/Partners

On This Page

Set Up an HTTP Signature Message

To set up HTTP signature messaging, you must complete the tasks described in this section.

WARNING

By September 2026
, all merchants using HTTP signature messaging must migrate to JSON Web Token (JWT) messaging in order to support message-level encryption (MLE). You risk transaction failures if you do not implement this update. If you are setting up your system to be REST-compliant for the first time, Cybersource recommends using JWT messaging.

To update your system to support JWT messaging, use one of these methods:

JWT messaging using a

shared secret key pair

JWT messaging using a

P12 certificate

Set Up HTTP Signature Messaging

Sign up for a test account. See Sign Up for a Sandbox Account.

Create a shared secret key. See Create a Shared Secret Key Pair.

Construct a message using HTTP signature security. See Construct Messages Using HTTP Signature Security.

Test your REST transaction messages. See Test Your Setup.

Go live by transitioning your sandbox account into a production account. Going Live.

Back to top