An origin key is a client-side key that is used to validate Adyen's JavaScript component library. It is required for our Drop-in and Component integrations.
The origin key is linked directly to a combination of three elements:
- The account name (either your company or merchant account).
- The environment (live or test).
- The website domain where a payment request comes from (including the port).
If one or more of these elements change — such as a change to the protocol, port, or environment — you will need a different origin key.
For example, if you are initially performing test transactions on your local machine, a domain of https://localhost:8080, and you move your tests to a test server on your local network, a domain of https://192.168.10.10, you will need need to create a new origin key for this new server.
If you have multiple domains, you can use our /originKeys API call to quickly generate multiple origin keys.
Generate a single origin key
-
Log in to your Customer Area.
-
Navigate to Account > API credentials, and click the user ws@Company.[YourCompanyAccount].
-
Under Origin key, enter your website's domain, then click Generate Origin Key.
Use a concatenation of the protocol, host, and port. Do not include subdirectories or a trailing slash. For example, https://your-company.com or https://checkout.your-company.com:8080. You can also confirm this by opening the browser console and calling
window.location.origin. - Copy and safely store the origin key in your system.
Generate multiple origin keys
If you have many domains, you can use our /originKeys API call to quickly generate multiple origin keys:
-
Make an
/originKeysrequest, specifying:- Your API key.
originDomains: Include each domain that you will use to make payments.
curl https://checkout-test.adyen.com/v1/originKeys \ -H "X-API-key: [Your API Key here]" \ -H "Content-Type: application/json" \ -d '{ "originDomains":[ "https://www.your-company1.com", "https://www.your-company2.com", "https://www.your-company3.com" ] }'# Set your X-API-KEY with the API key from the Customer Area. adyen = Adyen::Client.new adyen.api_key = "YOUR X-API-KEY" response = adyen.checkout_utility.origin_keys({ :originDomains => [ "https://www.your-company1.com", "https://www.your-company2.com", "https://www.your-company3.com" ] })// Set your X-API-KEY with the API key from the Customer Area. Config config = new Config(); config.setApiKey("Your X-API-KEY")); Client client = new Client(config); CheckoutUtility checkoutUtility = new CheckoutUtility(client); OriginKeysRequest originKeysRequest = new OriginKeysRequest(); originKeysRequest.setOriginDomains(new ArrayList<String>(Arrays.asList( "https://www.your-company1.com", "https://www.your-company2.com", "https://www.your-company3.com") )); OriginKeysResponse originKeysResponse = checkoutUtility.originKeys(originKeysRequest);// Set your X-API-KEY with the API key from the Customer Area. $client = new \Adyen\Client(); $client->setXApiKey("YOUR X-API-KEY"); $service = new \Adyen\Service\CheckoutUtility($client); $params = array( "originDomains" => array( "https://www.your-domain1.com", "https://www.your-domain2.com", "https://www.your-domain3.com" ) ); $result = $service->originKeys($params);The
/originKeysresponse contains a list of origin key for all requested domains. For each list item, the key is the domain, and the value is its associated origin key. - Copy and safely store the origin keys in your system.