Developers

The developers tab is the main tab for integrating our payment gateway into your system. Developers will find four tabs within the Developers section - API Credentials, IP Whitelist, Documentation and Redirects & Webhooks.

API Security Best Practices

When working with payment APIs, it's important to follow industry best practices for security. We recommend reviewing these authoritative resources:

• OWASP API Security Top 10
• PCI Security Standards Council
• Mozilla Web Security Guidelines

API Credentials

The API Credentials tab provides sensitive credentials for integrating with our Payment Gateway. You will find that you are provided two separate credentials, one for the production/live environment and another for the sandbox/test environment. You can also request to regenerate your credentials by clicking the button at the bottom of the screen. Please note that if you regenerate your credentials all previous credentials will be invalidated for both production and test environments.

These credentials are essential for all our integration methods, including Web Checkout, Direct API, and the upcoming Mobile SDK. Make sure to use the correct credentials based on your Test or Live Mode setting.

IP Whitelist

The IP Whitelist tab allows you to add or remove IPs that you choose to access your account via our APIs. By default you will find that no IPs are whitelisted, which means that any IP address with your API credentials has access to our Payment Gateway through your account.

Adding an IP address automatically blocks all IP addresses except the ones listed from being able to access your account even if they provide valid API credentials. We highly recommend enabling this for higher security.

For more information on IP whitelisting best practices, refer to NIST's Guidelines on Firewalls and Firewall Policy.

Redirects and Webhooks

Refer to Redirects and Webhooks for more information.