Our Tokenization API supports generation of tokens which are returned in the response and can be stored for current and future use when creating new payments.

Tokenization of payment methods is on a per-terminal basis, so, once you obtain a token, that token can only be used to submit payments with the same terminal.

Tokenization is available on all terminals and does not require any special configuration.

The API is JSON-only and access is only permitted over HTTPS.

API Endpoints

Production

Sandbox

The Sandbox has all the functionality of the production site, except that all the tokens created can only be used in the Sandbox.

We recommend you use our Sandbox to familiarize yourself with our APIs and complete your integration, switching to the production site once you are certain that you have integrated correctly.

All requests to our APIs are over HTTPS. Insecure HTTP requests will be rejected.

Authentication

Authentication to our APIs is via BasicAuth, using your API key as the username, and without any password.

For example, let's say your API key is YOUR_API_KEY, then, for the purposes of the BasicAuth algorithm, the username is YOUR_API_KEY, and there is no password, resulting in the input string "YOUR_API_KEY:" (note the colon!)

This input string is then Base64 encoded and included in the Authorization header.

Authorization: Basic WU9VUl9BUElfS0VZOg