If your Web integration uses the origin key or your iOS or Android integration uses the client encryption public key, switch to the client key. In future versions the client key will be the only way to do client-side authentication. The client key makes it easier for you to manage the origins for your integration.
With the client key, you have:
- A single key for all your allowed origins in an environment.
- Flexibility to add and remove origins without having to generate a new client key.
- A human-readable prefix, test or live, so you can easily tell which environment a client key is linked to.
The client key also enables card type detection through Bank Identification Number (BIN) lookup, which is not available when using the origin key.
Availability and compatibility
The client key is available for the following:
| Online payments integration | Version |
|---|---|
| Web Drop-in and Components | Available for 3.10.1 and later. Previous versions require origin keys for client-side authentication. Starting 4.0.0 the client key is the only way to do client-side authentication. |
| iOS Drop-in and Components | 3.7.0 and later. Previous versions require client encryption public keys. Starting 4.0.0 the client key is the only way to do client-side authentication. |
| Android Drop-in and Components | 3.7.0 and later. Previous versions require client encryption public keys. Starting 4.0.0 the client key is the only way to do client-side authentication. |
| In-person payments integration | Solutions |
|---|---|
| POS Mobile SDK for iOS | Tap to Pay on iPhone Card reader—iOS |
| POS Mobile SDK for Android | Tap to Pay on Android Card reader—Android |
The client key is backwards compatible with the origin key and the public key. Generating a client key doesn't invalidate a pre-existing origin key or public key.
Switch to using the client key
To switch to using the client key, you must first generate your client key in your Customer Area:
- Log in to your Customer Area.
- Go to Developers > API credentials, and select the credential username for your integration, for example ws@Company.[YourCompanyAccount].
- Under Client settings > Authentication select the Client key tab.
- Select Generate client key.
- Select the copy icon and store your client key securely in your system.
- Under Add allowed origins, enter your domains and select Add.
- Select Save changes.
Once you have your client key, you need to add it to your integration. Choose your platform:
You must be running Web Drop-in or Web Components version 3.10.1 or above.
Replace originKey in your Web Drop-in or Web Components configuration object with:
