REST API Payment Request with a Meta Key
REST API meta keys can use either HTTP signature or JSON Web Token methods of
authentication.
If you use the SDK, see the meta key section of the sample code documentation.
If you do not use the SDK, see the following information.
HTTP Signature
When creating the signature, use the portfolio or account ID as the value for the
v-c_merchant-id
header. However, when sending the API
request, use the transacting merchant ID (MID) as the value for the
v-c-merchant-id
header.Signature Headers
-c-merchant-id : merchantId Key id : 266438gb-2120-4q36-8da7-fbb9a196d452 Shared Key : mgWWJVV2aGQyEPwufdhhe/GiFUhsNIwYvWMih4FMCN9E= Request Target : post /pts/v2/payments Host : api.cybersource.
JSON Web Token
The portfolio or account ID is not required in the header or the body. Pass the P12
certificate along with the
v-c-merchant-id
header, using the
transacting merchant account ID (MID) as the value.JSON Web Token
// JWT Header{ "v-c-merchant-id":"MerchantID", "alg":"RS256", "x5c":["MIIB2jCCAUOgAwlBAgIWNDg...=="] } // JWT Claimset { "digest":"0qjow45/L/m6DIHd8K90rL+tBKufR1RuyE4QG7whZQ=", "digestAlgorithm":"SHA-256", "iat":"1594249865" } // JWT Signature { data=base64urlEncode(JWT header)+"."+base64urlEncode(Claimset) signature=RS256Hash(data,);