Search

Are you looking for test card numbers?

Would you like to contact support?

Developer-resource icon

How to get an origin key

An origin key is a client-side key that is used to validate Adyen's JavaScript component library. It is required for our Drop-in and Component integrations.

Instead of using an origin key, consider switching to a client key for your Web Drop-in or Web Component integration. This allows you to use a single key for all origins, add or remove origins without generating a new key, and detect the card type from the number entered in your payment form.

The origin key is linked directly to a combination of three elements:

  • The account name (either your company or merchant account).
  • The environment (live or test).
  • The website domain where a payment request comes from (including the port).

If one or more of these elements change — such as a change to the protocol, port, or environment — you will need a different origin key.

For example, if you are initially performing test transactions on your local machine, a domain of https://localhost:8080, and you move your tests to a test server on your local network, a domain of https://192.168.10.10, you will need need to create a new origin key for this new server.

If you have multiple domains, you can use our /originKeys API call to quickly generate multiple origin keys.

Generate a single origin key

Instead of using an origin key, consider switching to a client key for your Web Drop-in or Web Component integration. This allows you to use a single key for all origins, add or remove origins without generating a new key, and detect the card type from the number entered in your payment form.
  1. Log in to your Customer Area.

  2. Navigate to Account > API credentials, and click the user ws@Company.[YourCompanyAccount].

  3. Under Origin key, enter your website's domain, then click Generate Origin Key.

    Use a concatenation of the protocol, host, and port. Do not include subdirectories or a trailing slash. For example, https://your-company.com or https://checkout.your-company.com:8080. You can also confirm this by opening the browser console and calling window.location.origin.

  4. Copy and safely store the origin key in your system.

Generate multiple origin keys

Instead of using an origin key, consider switching to a client key for your Web Drop-in or Web Component integration. This allows you to use a single key for all origins, add or remove origins without generating a new key, and detect the card type from the number entered in your payment form.

If you have many domains, you can use our /originKeys API call to quickly generate multiple origin keys:

  1. Make an /originKeys request, specifying:

    • Your API key.
    • originDomains: Include each domain that you will use to make payments.
    curl https://checkout-test.adyen.com/v1/originKeys \
    -H "X-API-key: [Your API Key here]" \
    -H "Content-Type: application/json" \
    -d '{
       "originDomains":[
          "https://www.your-company1.com",
          "https://www.your-company2.com",
          "https://www.your-company3.com"
       ]
    }'
    # Set your X-API-KEY with the API key from the Customer Area.
    adyen = Adyen::Client.new
    adyen.api_key = "YOUR X-API-KEY"
    
    response = adyen.checkout_utility.origin_keys({
       :originDomains => [
          "https://www.your-company1.com",
          "https://www.your-company2.com",
          "https://www.your-company3.com"
       ]
    })
    // Set your X-API-KEY with the API key from the Customer Area.
    Config config = new Config();
    config.setApiKey("Your X-API-KEY"));
    Client client = new Client(config);
     
    CheckoutUtility checkoutUtility = new CheckoutUtility(client);
    OriginKeysRequest originKeysRequest = new OriginKeysRequest();
    originKeysRequest.setOriginDomains(new ArrayList<String>(Arrays.asList(
        "https://www.your-company1.com",
        "https://www.your-company2.com",
        "https://www.your-company3.com")
    ));
    OriginKeysResponse originKeysResponse = checkoutUtility.originKeys(originKeysRequest);
    // Set your X-API-KEY with the API key from the Customer Area.
    $client = new \Adyen\Client();
    $client->setXApiKey("YOUR X-API-KEY");
    $service = new \Adyen\Service\CheckoutUtility($client);
    
    $params = array(
        "originDomains" => array(
            "https://www.your-domain1.com",
            "https://www.your-domain2.com",
            "https://www.your-domain3.com"
        )
    );
    
    $result = $service->originKeys($params);

    The /originKeys response contains a list of origin key for all requested domains. For each list item, the key is the domain, and the value is its associated origin key.

    /originKeys response
    {
     "originKeys":{
        "https://www.your-company1.com":"pub.v2.99...",
        "https://www.your-company2.com":"pub.v2.99...",
        "https://www.your-company3.com":"pub.v2.99..."
     }
    }
  2. Copy and safely store the origin keys in your system.

See also