REST API Payment Request with a Meta Key

REST API meta keys can use either HTTP signature or JSON Web Token methods of authentication.

If you use the SDK, see the meta key section of the sample code documentation.

If you do not use the SDK, see the following information.

HTTP Signature

When creating the signature, use the portfolio or account ID as the value for the

v-c_merchant-id

header. However, when sending the API request, use the transacting merchant ID (MID) as the value for the

v-c-merchant-id

header.

Signature Headers

-c-merchant-id : merchantId
Key id : 266438gb-2120-4q36-8da7-fbb9a196d452
Shared Key : mgWWJVV2aGQyEPwufdhhe/GiFUhsNIwYvWMih4FMCN9E=
Request Target : post /pts/v2/payments
Host : api.cybersource.

JSON Web Token

The portfolio or account ID is not required in the header or the body. Pass the P12 certificate along with the

v-c-merchant-id

header, using the transacting merchant account ID (MID) as the value.

JSON Web Token

// JWT Header{
"v-c-merchant-id":"MerchantID",
"alg":"RS256",
"x5c":["MIIB2jCCAUOgAwlBAgIWNDg...=="]
}
// JWT Claimset
{
"digest":"0qjow45/L/m6DIHd8K90rL+tBKufR1RuyE4QG7whZQ=",
"digestAlgorithm":"SHA-256",
"iat":"1594249865"
}
// JWT Signature
{
data=base64urlEncode(JWT header)+"."+base64urlEncode(Claimset) signature=RS256Hash(data,);