On This Page
FILTER BY TAG

Create a Shared Secret Key Pair

This section describes how to create a shared secret key pair and test that it works. A shared secret key pair consists of a
key ID
 and a
shared secret key
, which you must have in order to construct JWT messages and enable MLE.
(Optional) Meta Keys
If you are using a portfolio or merchant account, you have the option to create a
meta key
 of a shared secret key pair. Meta keys enable an organization administrator to assign a single shared secret key pair to some or all transacting merchants in their organization. The purpose of a meta key is to reduce the time needed to manage an organization's keys. For example, by assigning the same meta key to all of your transacting merchants, you only need to update one key when it expires instead of having to update each transacting merchant's key.
For more information about meta keys, see the Meta Key Creation and Management section in the
Creating and Using Security Keys User Guide
.
acquirer

Merchant Account User: Create a Shared Secret Meta Key

This section describes how to create a meta key as a merchant account user in the
Gateway Portal
.
IMPORTANT
Only merchant account users can complete this task.
IMPORTANT
If you would like to create meta keys using the API, contact your support team for more information.
Follow these steps to create a meta key for a shared secret key pair:
  1. Log in to the
    Gateway Portal
    :
  2. On the left navigation panel, choose
    Payment Configuration > Key Management
    .
    If you are using a portfolio account to create a meta key for one of your merchant accounts, you can switch to a merchant account by clicking
    Switch merchant
    .
    The Quick Merchant Switch page appears.
    Choose the merchant account ID that you want to switch to, and click
    Switch
    .
  3. In the
    Merchant ID
     search filter, choose your merchant account ID.
    If you logged in from a portfolio user account or the account (
    _acct
    ) level, verify that the merchant ID you choose does not contain
    _acct
     in the ID name.
  4. Click
    + Generate key
    .
    The Create Key page appears.
  5. Choose
    REST – Shared Secret
     and click
    Generate key
    .
    The Key options window appears.
  6. Check the
    Create as a Meta-Key
     box and click
    Continue
    .
  7. Choose one of these options to assign the key:
    • To assign this key to all accounts in the current portfolio, choose
      All current and future Merchant IDs
      , click
      Create key
      , and continue to the Create Key page. All future merchant IDs will be automatically assigned this key. You are done and do not need to proceed with the following steps.
    • To assign this key to a specific merchant or group of merchants, choose
      Custom Merchant ID selection
       and then click
      Create key
      . This key is not automatically assigned to any future merchants. Proceed to the following steps.
  8. Click
    + Add custom merchant ids
    . The Add Custom Merchant IDs page appears.
    By default, all merchant IDs are shown in the Merchant IDs table. To limit the list to a subset of merchant IDs, click
    + Add filter
    , choose a search filter from the drop-down menu, and click
    Search
    .
  9. Check one or more transacting MID account boxes, and click
    Submit
    .
    The Key Generation page opens.
  10. Click
    Create key
    .
    Continue to the Create Key page to view your new key.
    You can also generate a new key by clicking
    + Generate Key
     again.

AFTER COMPLETING THE TASK

To test your shared secret key pair, see Test Your Shared Secret Key Pair.
acquirer

Portfolio User: Create a Shared Secret Meta Key

This section describes how to create a meta key as a portfolio user in the
Gateway Portal
.
IMPORTANT
Only portfolio account users can complete this task.
IMPORTANT
If you would like to create meta keys using the API, contact your support team for more information.
Follow these steps to create a meta key for a shared secret key pair:
  1. Log in to the
    Gateway Portal
    :
  2. On the left navigation panel, choose
    Payment Configuration > Key Management
    .
  3. In the
    Merchant Id
     field, choose your portfolio ID if it is not already chosen by default.
  4. Click
    + Generate key
    .
    The Create Key page appears.
  5. Choose
    REST – Shared Secret
     and click
    Generate key
    .
    The Key options page appears.
  6. Check the
    Create as a Meta-Key
     box and click
    Continue
    .
  7. Choose one of these options to assign the key:
    • To assign this key to all accounts in the current portfolio, choose
      All current and future Merchant IDs
      , click
      Create key
      , and continue to the Create Key page. All future merchant IDs will be automatically assigned this key. You are done and do not need to proceed with the following steps.
    • To assign this key to a specific merchant or group of merchants, choose
      Custom Merchant ID selection
       and then click
      Create key
      . This key is not automatically assigned to any future merchants. Proceed to the following steps.
  8. Click
    + Add custom merchant ids
    . The Add Custom Merchant IDs page appears.
    By default, all merchant IDs are shown in the Merchant IDs table. To limit the list to a subset of merchant IDs, click
    + Add filter
    , choose a search filter from the drop-down menu, and click
    Search
    .
  9. Check one or more transacting MID account boxes, and click
    Submit
    .
    The Key Generation page opens.
  10. Click
    Create key
    .
    Continue to the Create Key page to view your new key.
    You can also generate a new key by clicking
    + Generate Key
     again.

AFTER COMPLETING THE TASK

To test your shared secret key pair, see Test Your Shared Secret Key Pair.

Step 2A: Create a Shared Secret Key Pair

Follow these steps to create a shared secret key pair:
  2. On the left navigation panel, choose
    Payment Configuration > Key Management
    .
  3. Click
    + Generate key
     on the Key Management page.
  4. Under REST APIs, choose
    REST – Shared Secret
     and then click
    Generate key
    .
    The REST API Shared Secret Key page appears.
  5. Click
    Download key
     .
    The
    .pem
     file downloads to your desktop.
    The
    Key
     value is your
    key ID
     and the
    Shared Secret
     value is your
    shared secret key
    .
    IMPORTANT
    Securely store the key credentials and
    .pem
     file in your system. These credentials are required in order to implement certain products, and you must be able to access them.
To create or submit another key, click
Generate another key
. To view all of your created keys, go to the Key Management page.
What to do next
To test your shared secret key pair, see Step 2B: Test Your Shared Secret Key Pair.

Step 2B: Test Your Shared Secret Key Pair

After creating your shared secret key pair, you must verify that your key pair can successfully process API requests. Follow these steps to validate your key pair in the Developer Center and the
Gateway Portal
.
  2. On the left navigation panel, click .
  3. Under Authentication and Sandbox Credentials, go to the Authentication Type drop-down menu and choose
    HTTP Signature
    .
  4. Enter your organization ID in the
    Organization ID
     field.
  5. Enter your key ID in the
    Key
     field.
  6. Enter your shared secret key in the
    Shared Secret Key
     field.
  7. Click
    Update Credentials
    .
    A confirmation message displays stating that your credentials are successfully updated.
  8. Go to the Developer Center's API Reference and navigate to
    Payments >
    POST
     Process a Payment
    .
  9. Click
    Send
    .
    A message confirms that your request was successful with the status code 201.
  11. On the left navigation panel, choose
    Transaction Management > Transactions
    .
  12. Under Search Results, verify that the request ID from the test authorization response is listed in the Request ID column.
    If the test authorization was successful, a success message is present in the corresponding Applications column.
RELATED TO THIS PAGE