Update an API credential

patch/merchants/{merchantId}/apiCredentials/{apiCredentialId}

API Version

Changes the API credential's roles, or allowed origins. The request has the new values for the fields you want to change. The response contains the full updated API credential, including the new values from the request.

To make this request, your API credential must have the following roles:

Management API—API credentials read and write

Endpoint destination URL

https://management-test.adyen.com/v3/merchants/{merchantId}/apiCredentials/{apiCredentialId}

Path Parameters

Required

Optional

Unique identifier of the API credential.

The unique identifier of the merchant account.

Request Parameters

Required

Optional

Indicates if the API credential is enabled.

The new list of allowed origins for the API credential.

Description of the API credential.

List of roles for the API credential. Only roles assigned to 'ws@Company.<CompanyName>' can be assigned to other API credentials.

Response parameters

After submitting a call, you receive a response message to inform you that your request was received and processed.

Depending on the HTTP status code of the response message, it is helpful to build some logic to handle any errors that a request or the system may return.

HTTP Responses

200 - OK
The request has succeeded.
_linksobject
References to resources linked to the API credential.
allowedOriginsobject
List of allowed origins.
hrefstring
companyobject
Company account that the API credential is linked to. Only present for company-level webhooks.
hrefstring
generateApiKeyobject
Generates a new API key. When you generate a new one, the existing key remains valid for 24 hours.
hrefstring
generateClientKeyobject
Generates a new client key, used to authenticate client-side requests. When you generate a new one, the existing key remains valid for 24 hours.
hrefstring
merchantobject
The merchant account that the API credential is linked to. Only present for merchant-level API credentials.
hrefstring
selfobject
Link to the resource itself.
hrefstring
activeboolean
Indicates if the API credential is enabled. Must be set to true to use the credential in your integration.
allowedIpAddressesarray[string]
List of IP addresses from which your client can make requests.

If the list is empty, we allow requests from any IP. If the list is not empty and we get a request from an IP which is not on the list, you get a security error.
allowedOriginsarray[object]
List containing the allowed origins linked to the API credential.
_linksobject
References to resources linked to the allowed origin.
selfobject
Link to the resource itself.
hrefstring
domainstring
Domain of the allowed origin.
idstring
Unique identifier of the allowed origin.
clientKeystring
Public key used for client-side authentication. The client key is required for Drop-in and Components integrations.
descriptionstring
Max length: 50
Description of the API credential.
idstring
Unique identifier of the API credential.
rolesarray[string]
List of roles for the API credential.
usernamestring
The name of the API credential, for example ws@Company.TestCompany.
204 - No Content
The request has been successfully processed, but there is no additional content.
400 - Bad Request
A problem reading or understanding the request.
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[object]
Detailed explanation of each validation error, when applicable.
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.
401 - Unauthorized
Authentication required.
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[object]
Detailed explanation of each validation error, when applicable.
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.
403 - Forbidden
Insufficient permissions to process the request.
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[object]
Detailed explanation of each validation error, when applicable.
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.
422 - Unprocessable Entity
A request validation error.
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[object]
Detailed explanation of each validation error, when applicable.
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.
500 - Internal Server Error
The server could not process the request.
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[object]
Detailed explanation of each validation error, when applicable.
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.

Update an API credential

HTTP Responses

200 - OK

204 - No Content

400 - Bad Request

401 - Unauthorized

403 - Forbidden

422 - Unprocessable Entity

500 - Internal Server Error