The origin key is linked directly to a combination of three elements:
- The account name (either your company or merchant account).
- The environment (live or test).
- The website domain where a payment request comes from (including the port).
If one or more of these elements change — such as a change to the protocol, port, or environment — you will need a different origin key.
For example, if you are initially performing test transactions on your local machine, a domain of https://localhost:8080, and you move your tests to a test server on your local network, a domain of https://192.168.10.10, you will need need to create a new origin key for this new server.
If you have multiple domains, you can use our
/originKeys API call to quickly generate multiple origin keys.
Generate a single origin key
Log in to your Customer Area.
Navigate to Developers > API credentials, and click the user ws@Company.[YourCompanyAccount].
Under Origin key, enter your website's domain, then click Generate Origin Key.
Use a concatenation of the protocol, host, and port. Do not include subdirectories or a trailing slash. For example, https://your-company.com or https://checkout.your-company.com:8080. You can also confirm this by opening the browser console and calling
Copy and safely store the origin key in your system.
Generate multiple origin keys
If you have many domains, you can use our
/originKeys API call to quickly generate multiple origin keys:
- Your API key.
originDomains: Include each domain that you will use to make payments.
/originKeysresponse contains a list of origin key for all requested domains. For each list item, the key is the domain, and the value is its associated origin key.
Copy and safely store the origin keys in your system.