Adyen-for-platform icon

API credentials for your balance platform

Create, generate and configure credentials for API requests related to the balance platform

To authenticate requests to Adyen's APIs, you need the appropriate API credentials. Create and manage your API credentials in your Customer Area, where you can:

Requirements

Before you begin, take into account the following requirements.

Requirement Description
Integration type An Adyen for Platforms integration.
Customer Area roles Make sure that your user account has one of the following roles:
  • Manage API credentials role
  • Merchant admin role

API credentials included with your balance platform

When your balance platform account is set up, it includes the following API credentials.

Web services API credential

Username format: ws[_123456]@BalancePlatform.[YourBalancePlatform]

This credential authenticates requests to:

  • Configuration API: Create and manage resources in your balance platform, including account holders, balance accounts, and business accounts.
  • Transfers API: Perform and manage transfers, such as moving funds within your platform or processing payments from Adyen-issued cards.
  • Session authentication API: Create and manage session tokens required for integrating Platform Experience components.
  • Capital API: Offer business financing to eligible users in your platform. Additional configuration is required. Contact your Adyen representative.

Legal entity management API credential

Username format: ws[_123456]@Scope.Company_[YourCompanyAccount]

This credential authenticates requests to:

Create an API credential

You can have multiple API credentials linked to your balance platform, and activate or deactivate those credentials at any moment. Before creating credentials, consider that having fewer credentials minimizes the number of API keys you must handle, making your operations easier. However, having more credentials provides better control over API permissions, increasing security. Some sample use cases are:

  • To separate web service users according to the permissions they have. For example, separating users that can create and configure accounts from users that can configure transfers.
  • To isolate a web service user that has access to important permissions, such as PIN reveal or payment instrument reveal.

The following tabs explain how to create API credentials for both web service and LEM users in your Customer Area.

When switching to your live environment, you must create a new API credential in your live Customer Area.

You can configure API credentials for your balance platform on the company account level only.

Generate an API key

Use API keys to authenticate your requests. Every web service and LEM user has its own API key.

To generate an API key for a user:

  1. Log in to your Customer Area and select your Company account.
  2. Go to Developers > API credentials.
  3. Select the Platforms tab.
  4. Select the credential username.
  5. On the Configure API credential page, in the Server settings section, select API key.
  6. Select Generate API key.
  7. Select the copy icon and store your API key securely in your system.

    You cannot copy the API key again after you leave the page.

  8. Select Save changes.

When switching to your live environment, you must generate a new API key in your live Customer Area.

Change an API key

You can change an API key when needed, for example, when an API key is lost or compromised. To do this, follow the steps to generate an API key.

When you generate a new API key, it can be used immediately. However, the previous key also remains active for the following 24 hours.

Extend the time of a previous API key

To extend the time that a previous API key remains active:

  1. Log in to your Customer Area and select your Company account.
  2. Go to Developers > API credentials.
  3. Select the Platforms tab.
  4. Select the credential username.
  5. On the Configure API credential page, in the Server settings section, select API key.
  6. Under Expiring keys, see how much time is left until the previous key expires. You can either:
    • Select the reset icon to reset the expiry time to 24 hours.
    • Select the expire now icon to expire the previous key immediately.
  7. Select Save changes.

Generate a basic authentication password

Users can also use basic authentication for API requests. To generate a basic authentication password:

  1. Log in to your Customer Area and select your Company account.
  2. Go to Developers > API credentials.
  3. Select the Platforms tab.
  4. Select the credential username.
  5. On the Configure API credential page, in the Server settings section, select Basic auth.
  6. Select Generate password.
  7. Select the copy icon and securely store your basic authentication password in your system.

    You cannot copy the password again after you leave the page.

  8. Select Save changes.

When you generate a new basic authentication password, the previous password is deactivated immediately.

Instead of generating a new password for an existing API credential, you can create a new API credential. This enables you to use both your existing password and a new one until you have updated your systems.

When switching from your test to your live environment, use the basic authentication credentials from your live Customer Area.

Manage API permissions

Manage the permissions of a web service API credential by enabling or disabling its roles. An API credential must have at least one enabled role.

To do manage API permissions:

  1. Log in to your Customer Area and select your Company account.
  2. Go to Developers > API credentials.
  3. Select the Platforms tab.
  4. Select the username of the web service credential, for example: ws_[123456]@BalancePlatform.[YourBalancePlatform].
  5. On the Configure API credential page, under Permissions, expand the categories to see the lists of available roles.
    You can also use the search bar to find specific roles.
  6. Select the checkboxes of the roles you want to enable for the API credential.
  7. Select Save changes.

Deactivate an API credential

To deactivate an API credential, follow these steps:

  1. Log in to your Customer Area and select your Company account.
  2. Go to Developers > API credentials.
  3. Select the Platforms tab.
  4. Select the credential username to open the Configure API credential page.
  5. Under General settings, turn off the toggle next to the Username to switch the status from Active to Inactive.
  6. Select Save changes.