REST API Key with a Shared Secret Key

REST API keys are used to enable secure communication between the merchant and
Cybersource
when using REST APIs. To enable payments using the REST API, see: Getting Started with REST
The REST API supports two types of security keys:
  • P12 certificate
    for using JSON Web Token authentication.
  • Shared secret key
    for using HTTP signature authentication.
REST API keys expire after 3 years.
Security keys can be used to make any request, including payments. Treat your security keys as you would any secure password.
You must use separate keys for the test and production environments.
When you sign up for a Sandbox account, your confirmation email contains a key and shared secret key for HTTP Signature authentication. To create the keys manually, or to use a JSON Web Token instead, follow the instructions in Creating a REST API Key.
For more information about the REST API, see the
.

Create a Shared Secret Key Pair

Follow these steps to create a shared secret key pair.
  1. Log in to the
    Business Center
    :
  2. On the left navigation panel, navigate to
    Payment Configuration > Key Management
    .
  3. Click
    + Generate key
    .
  4. Under REST APIs, select
    REST – Shared Secret
    and then click
    Generate key
    .
    The REST API Shared Secret Key page appears.
  5. Click
    Download key
    .
    The .pem file is downloaded to your desktop.
When you generate one or more keys, you can view the keys on the Key Management page.