On This Page
FILTER BY TAG
Deprecating September 2026: HTTP Signature Messaging

Create a Shared Secret Key Pair

You must create a shared secret key pair to use HTTP signature message security.
All account users can create their own unique shared secret key pair. In addition, portfolio and merchant account users can also create a
meta key
 of a shared secret key pair. Meta keys enable an organization administrator to assign a single shared secret key pair to some or all transacting merchants in their organization. The purpose of a meta key is to reduce the time needed to manage an organization's keys. For example, by assigning the same meta key to all of your transacting merchants, you need to update only one key when it expires instead of having to update each transacting merchant's key when it expires.
For more information about meta keys, see the Meta Key Creation and Management section in the
Creating and Using Security Keys User Guide
.

Figure:

Account Type Overview
Portfolio
A portfolio account represents the partner administrator user. This account type can create and manage merchant accounts in the test and production environments.
Merchant
A merchant account represents the merchant administrator user. This account type can create and manage multiple transacting merchant accounts in their organization.
Transacting Merchant
A transacting merchant represents the merchant user who is processing transactions. This account type is typically the account that sends API requests.

Step 2A: Creating a Shared Secret Key Pair

Follow these steps to create a shared secret key pair:
  2. On the left navigation panel, choose
    Payment Configuration > Key Management
    .
  3. Click
    + Generate key
     on the Key Management page.
  4. Under REST APIs, choose
    REST – Shared Secret
     and then click
    Generate key
    .
    The REST API Shared Secret Key page appears.
  5. Click
    Download key
     .
    The
    .pem
     file downloads to your desktop.
    The
    Key
     value is your
    key ID
     and the
    Shared Secret
     value is your
    shared secret key
    .
    IMPORTANT
    Securely store the key credentials and
    .pem
     file in your system. These credentials are required in order to implement certain products, and you must be able to access them.
To create or submit another key, click
Generate another key
. To view all of your created keys, go to the Key Management page.
What to do next
To test your shared secret key pair, see Step 2B: Test Your Shared Secret Key Pair.

Step 2B: Test Your Shared Secret Key Pair

After creating your key certificate, you must verify that your key can successfully process API requests. Follow these steps to validate your key certificate in the Developer Center and the
Business Center
.
  2. On the left navigation panel, click .
  3. Under Authentication and Sandbox Credentials, go to the Authentication Type drop-down menu and choose
    HTTP Signature
    .
  4. Enter your organization ID in the
    Organization ID
     field.
  5. Enter your key, also known as your private key, in the
    Key
     field.
  6. Enter your secret key, also known as your public key, in the
    Shared Secret Key
     field.
  7. Click
    Update Credentials
    .
  8. Go to the Developer Center's API Reference and navigate to
    Payments >
    POST
     Process a Payment
    .
  9. Click
    Send
    .
    A message confirms that your request was successful with the status code 201.
  10. Log in to the
    Business Center
    :
  11. On the left navigation panel, choose
    Transaction Management > Transactions
    .
  12. Under Search Results, verify that the request ID from the test authorization response is listed in the Request ID column.
    If the test authorization was successful, a success message is present in the corresponding Applications column.
RELATED TO THIS PAGE