API Overview

Creating and Using Security Keys
- Recent Revisions to This Document

Introduction to Security Keys

Create a Security Key
- Message-Level Encryption Keys
  - Creating a Message-Level Encryption Key
- PGP Keys
  - Creating PGP Keys
  - Adding PGP Keys to Your Account
  - Granting User Permissions
- REST API Key with a P12 File
  - Create a P12 File
- REST API Key with a Shared Secret Key
  - Create a Shared Secret Key Pair
- Secure Acceptance Keys
  - Creating a Secure Acceptance Key
- Simple Order API Keys
  - Creating a Simple Order API Key
- SOAP Toolkit Keys
  - Creating a SOAP Toolkit Key

Manage a Security Key
- Deactivate a Key
- Delete a Key
- Search for Keys Using Filters

Meta Key Creation and Management
- Create a Meta Key as a Portfolio User
- Create a Meta Key as a Merchant Account User
- Assign a Meta Key to All Merchants
- Assign a Meta Key to Select Merchants
- Remove a Meta Key from all Merchants
- Remove a Meta Key from Select Merchants
- Convert a Meta Key or Non-Meta Key
- Delete a Meta Key
- Regenerate a Meta Key

Meta Keys in Requests
- REST API Payment Request with a Meta Key
- Simple Order API Payment Request Using a Meta Key
- SOAP Payment Request Using a Meta Key
- SCMP API Payment Request using a Meta Key

VISA Platform Connect: Specifications and Conditions for Resellers/Partners

REST API Key with a Shared Secret Key

REST API keys are used to enable secure communication between the merchant and Cybersource when using REST APIs. To enable payments using the REST API, see: Getting Started with REST

The REST API supports two types of security keys:

P12 certificate
for using JSON Web Token authentication.

Shared secret key
for using HTTP signature authentication.

REST API keys expire after 3 years.

Security keys can be used to make any request, including payments. Treat your security keys as you would any secure password.

You must use separate keys for the test and production environments.

When you sign up for a Sandbox account, your confirmation email contains a key and shared secret key for HTTP Signature authentication. To create the keys manually, or to use a JSON Web Token instead, follow the instructions in Creating a REST API Key.

For more information about the REST API, see the REST Getting Started Guide

.