{"title":"Roles","category":"default","creationDate":1687785720,"content":"

API credentials have roles which say what the credential is allowed to do.<\/p>\n

Your company API credential, for example ws@Company.<\/strong><\/span>[YourCompanyAccount]<\/strong>, has a set of roles that were assigned by default when the company account was created. These default roles are marked in the tables on this page. Any role that your ws<\/strong><\/span> credential has, can be assigned to other credentials in your company. These roles are available through the Customer Area UI and through Management API.<\/p>\n

If you need roles that your ws<\/strong><\/span> credential doesn't have, contact our Support Team<\/a>.<\/p>\n

Roles for payments<\/h2>\n

The following table show the most frequently used API credential roles for payments.<\/p>\n

\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Role name<\/th>\nAssigned by default<\/th>\nDescription<\/th>\n<\/tr>\n<\/thead>\n
Merchant PAL webservice role<\/td>\n\"-white_check_mark-\"<\/td>\nMake API requests to Adyen.
If you disable this role, you can no longer process transactions with this API credential.<\/td>\n<\/tr>\n
Checkout webservice role<\/td>\n\"-white_check_mark-\"<\/td>\nUse our Checkout API<\/a>.<\/td>\n<\/tr>\n
Merchant Recurring role<\/td>\n\"-white_check_mark-\"<\/td>\nUse tokenization<\/a> to save shopper's payment details and use them for future payments.<\/td>\n<\/tr>\n
Data Protection API<\/td>\n\"-white_check_mark-\"<\/td>\nUse the Data Protection API<\/a>, which allowed you to delete data, as required by General Data Protection Regulation (GDPR).<\/td>\n<\/tr>\n
Checkout encrypted cardholder data<\/td>\n<\/td>\nUse our Drop-in<\/a>, Components<\/a>, or Custom Card fields<\/a> to send in encrypted card data.
For this role, you need to assess your PCI DSS compliance according to Self-Assessment Questionnaire A (SAQ A)<\/a>.<\/td>\n<\/tr>\n
API PCI Payments role<\/td>\n<\/td>\nIf you want to submit payment requests with raw card data, you need to assess your PCI DSS compliance according to Self-Assessment Questionnaire D (SAQ D)<\/a>.

If you are using a Service Provider who has access to your shoppers' cardholder data, see the requirements when using a Service Provider<\/a>.

To enable this role, contact our Support Team<\/a>.<\/td>\n<\/tr>\n
API Payment RefundWithData<\/td>\n<\/td>\nSubmit unreferenced refunds<\/a>.
To enable this role, contact our Support Team<\/a>.<\/td>\n<\/tr>\n
Management API\u2014Assign Terminal<\/td>\n<\/td>\nUse our Management API<\/a> to assign payment terminals.<\/td>\n<\/tr>\n
Cloud Device API role<\/td>\n<\/td>\nUse our Cloud device API<\/a>.<\/td>\n<\/tr>\n
Allow SDK download for POS developers<\/td>\n<\/td>\nDownload the Android and iOS mobile SDKs to use our Mobile solutions<\/a>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n<\/div>\n\n

Management API roles<\/h2>\n

The following table show the most frequently used API credential roles for using the Management API.<\/p>\n

\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Role name<\/th>\nAssigned by default<\/th>\nDescription<\/th>\n<\/tr>\n<\/thead>\n
Management API\u2014Account read<\/td>\n\"-white_check_mark-\"<\/td>\nGet the company and merchant accounts that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Stores read<\/td>\n\"-white_check_mark-\"<\/td>\nGet the stores that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Stores read and write<\/td>\n\"-white_check_mark-\"<\/td>\nGet, create, and update the stores that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014API credentials read and write<\/td>\n\"-white_check_mark-\"<\/td>\nGet, create, update, and delete the API credentials that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Users read and write<\/td>\n<\/td>\nGet, create, and update the users that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Webhooks read<\/td>\n\"-white_check_mark-\"<\/td>\nGet the webhooks that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Webhooks read and write<\/td>\n\"-white_check_mark-\"<\/td>\nGet, create, update, and delete the webhooks that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Payment methods read<\/td>\n\"-white_check_mark-\"<\/td>\nGet the payment methods that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Payment methods read and write<\/td>\n<\/td>\nGet, create, and update the payment methods that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Terminal ordering read<\/td>\n<\/td>\nGet the payment terminal orders, shipping locations, and billing locations that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Terminal ordering read and write<\/td>\n<\/td>\nGet, create, and update the payment terminal orders, shipping locations, and billing locations that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Terminal settings read<\/td>\n<\/td>\nGet the payment terminal settings that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Terminal settings read and write<\/td>\n<\/td>\nGet, create, and update the payment terminal general settings that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Terminal settings Advanced read and write<\/td>\n<\/td>\nGet, create, and update the sensitive payment terminal settings<\/a> that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Terminal actions read<\/td>\n<\/td>\nGet the payment terminal actions that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014Terminal actions read and write<\/td>\n<\/td>\nGet, create, and update the payment terminal actions that the API credential has access to.<\/td>\n<\/tr>\n
Management API\u2014SplitConfiguration read and write<\/td>\n<\/td>\nGet, create, update, and delete split configuration profiles that determine if and how to split payments in an Adyen for Platforms<\/a> integration.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n<\/div>\n","url":"https:\/\/docs.adyen.com\/development-resources\/api-credentials\/roles","articleFields":{"description":"Find out what roles your API credential needs to do an action.","feedback_component":true,"last_edit_on":"26-06-2023 15:25","filters_component":false,"page_id":"84e69e5e-817f-4ec1-8df6-252213872a99"},"algolia":{"url":"https:\/\/docs.adyen.com\/development-resources\/api-credentials\/roles","title":"Roles","content":"API credentials have roles which say what the credential is allowed to do.\nYour company API credential, for example ws@Company.[YourCompanyAccount], has a set of roles that were assigned by default when the company account was created. These default roles are marked in the tables on this page. Any role that your ws credential has, can be assigned to other credentials in your company. These roles are available through the Customer Area UI and through Management API.\nIf you need roles that your ws credential doesn't have, contact our Support Team.\nRoles for payments\nThe following table show the most frequently used API credential roles for payments.\n\n \n\n\n\nRole name\nAssigned by default\nDescription\n\n\n\n\nMerchant PAL webservice role\n\nMake API requests to Adyen. If you disable this role, you can no longer process transactions with this API credential.\n\n\nCheckout webservice role\n\nUse our Checkout API.\n\n\nMerchant Recurring role\n\nUse tokenization to save shopper's payment details and use them for future payments.\n\n\nData Protection API\n\nUse the Data Protection API, which allowed you to delete data, as required by General Data Protection Regulation (GDPR).\n\n\nCheckout encrypted cardholder data\n\nUse our Drop-in, Components, or Custom Card fields to send in encrypted card data. For this role, you need to assess your PCI DSS compliance according to Self-Assessment Questionnaire A (SAQ A).\n\n\nAPI PCI Payments role\n\nIf you want to submit payment requests with raw card data, you need to assess your PCI DSS compliance according to Self-Assessment Questionnaire D (SAQ D).If you are using a Service Provider who has access to your shoppers' cardholder data, see the requirements when using a Service Provider. To enable this role, contact our Support Team.\n\n\nAPI Payment RefundWithData\n\nSubmit unreferenced refunds. To enable this role, contact our Support Team.\n\n\nManagement API\u2014Assign Terminal\n\nUse our Management API to assign payment terminals.\n\n\nCloud Device API role\n\nUse our Cloud device API.\n\n\nAllow SDK download for POS developers\n\nDownload the Android and iOS mobile SDKs to use our Mobile solutions.\n\n\n\n\n\n\nManagement API roles\nThe following table show the most frequently used API credential roles for using the Management API.\n\n \n\n\n\nRole name\nAssigned by default\nDescription\n\n\n\n\nManagement API\u2014Account read\n\nGet the company and merchant accounts that the API credential has access to.\n\n\nManagement API\u2014Stores read\n\nGet the stores that the API credential has access to.\n\n\nManagement API\u2014Stores read and write\n\nGet, create, and update the stores that the API credential has access to.\n\n\nManagement API\u2014API credentials read and write\n\nGet, create, update, and delete the API credentials that the API credential has access to.\n\n\nManagement API\u2014Users read and write\n\nGet, create, and update the users that the API credential has access to.\n\n\nManagement API\u2014Webhooks read\n\nGet the webhooks that the API credential has access to.\n\n\nManagement API\u2014Webhooks read and write\n\nGet, create, update, and delete the webhooks that the API credential has access to.\n\n\nManagement API\u2014Payment methods read\n\nGet the payment methods that the API credential has access to.\n\n\nManagement API\u2014Payment methods read and write\n\nGet, create, and update the payment methods that the API credential has access to.\n\n\nManagement API\u2014Terminal ordering read\n\nGet the payment terminal orders, shipping locations, and billing locations that the API credential has access to.\n\n\nManagement API\u2014Terminal ordering read and write\n\nGet, create, and update the payment terminal orders, shipping locations, and billing locations that the API credential has access to.\n\n\nManagement API\u2014Terminal settings read\n\nGet the payment terminal settings that the API credential has access to.\n\n\nManagement API\u2014Terminal settings read and write\n\nGet, create, and update the payment terminal general settings that the API credential has access to.\n\n\nManagement API\u2014Terminal settings Advanced read and write\n\nGet, create, and update the sensitive payment terminal settings that the API credential has access to.\n\n\nManagement API\u2014Terminal actions read\n\nGet the payment terminal actions that the API credential has access to.\n\n\nManagement API\u2014Terminal actions read and write\n\nGet, create, and update the payment terminal actions that the API credential has access to.\n\n\nManagement API\u2014SplitConfiguration read and write\n\nGet, create, update, and delete split configuration profiles that determine if and how to split payments in an Adyen for Platforms integration.\n\n\n\n\n\n","type":"page","locale":"en","boost":17,"hierarchy":{"lvl0":"Home","lvl1":"Development resources","lvl2":"API credentials","lvl3":"Roles"},"hierarchy_url":{"lvl0":"https:\/\/docs.adyen.com\/","lvl1":"https:\/\/docs.adyen.com\/development-resources","lvl2":"https:\/\/docs.adyen.com\/development-resources\/api-credentials","lvl3":"\/development-resources\/api-credentials\/roles"},"levels":4,"category":"Development Resources","category_color":"green","tags":["Roles"]}}