Create REST API Keys
REST API keys are used to enable secure communication between the merchant and
Cybersource
when using REST APIs. To enable payments using the REST API, see:
Getting Started with RESTThe REST API supports two types of security keys:
- P12 certificatefor using JSON Web Token authentication. See Create a P12 File.
- Shared secret keyfor using HTTP signature authentication. See Create a Shared Secret Key Pair.
REST API keys expire after 3 years.
Security keys can be used to make any request, including payments. Treat your security
keys as you would any secure password.
You must use separate keys for the test and production
environments.
When you sign up for a Sandbox account, your confirmation email contains a key and
shared secret key for HTTP Signature authentication.
For more information about the REST API, see the REST Getting Started Guide.
Create a Shared Secret Key Pair
Follow these steps to create a shared secret key pair.
- Log in to theBusiness Center:
- On the left navigation panel, navigate toPayment Configuration > Key Management.
- Click+ Generate key.
- Under REST APIs, selectREST – Shared Secretand then clickGenerate key.The REST API Shared Secret Key page appears.
- ClickDownload key.The .pem file is downloaded to your desktop.
When you generate one or more keys, you can view the keys on the Key Management page.