--- title: "Wi-Fi profiles" description: "Manage the Wi-Fi configuration of your terminals from the Customer Area or with API calls." url: "https://docs.adyen.com/point-of-sale/design-your-integration/network-and-connectivity/wi-fi-profiles" source_url: "https://docs.adyen.com/point-of-sale/design-your-integration/network-and-connectivity/wi-fi-profiles.md" canonical: "https://docs.adyen.com/point-of-sale/design-your-integration/network-and-connectivity/wi-fi-profiles" last_modified: "2020-10-28T15:11:00+01:00" language: "en" --- # Wi-Fi profiles Manage the Wi-Fi configuration of your terminals from the Customer Area or with API calls. [View source](/point-of-sale/design-your-integration/network-and-connectivity/wi-fi-profiles.md) To connect to your wireless network, the payment terminal needs to know certain network properties, depending on your [type of Wi-Fi network](#wi-fi-network-and-profile-types). For example, the terminal needs to know basic properties such as the channel, password, and name of the network as well as advanced properties such as certificates for server validation and client authentication.\ The terminal obtains the network properties through a Wi-Fi profile, which you can set up remotely either: * [In the Customer Area](#set-up-in-ca). * [Using API calls](#set-up-with-api). The terminal [receives and loads](#load-profiles) the remote Wi-Fi profile as part of the terminal configuration. ## Requirements | Requirement | Description | | -------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | **Integration type** | A [Terminal API integration](/point-of-sale/basic-tapi-integration/) or [standalone solution](/point-of-sale/standalone/). | | **Hardware** | An [Adyen payment terminal](/point-of-sale/what-we-support/select-your-terminals/) with Wi-Fi connectivity. | | **[API credentials](/development-resources/api-credentials/)** | To manage Wi-Fi profiles using API calls, you need the following role:- **Management API—Terminal Advanced settings read and write** | | **Setup steps** | Before you begin, make sure that you have familiarized yourself with:- The [Wi-Fi network and profile types](#wi-fi-network-and-profile-types) that Adyen supports. - How to be [informed about the expiry of certificates](#know-when-certificates-expire).Contact our [Support Team](https://ca-test.adyen.com/ca/ca/contactUs/support.shtml?form=other):- If you are planning to set up a [remote Wi-Fi type EAP-TLS profile](#remote-wi-fi-profile-types) in your Customer Area.You need to provide the following certificates to [create a profile Wi-Fi profile in your Customer Area](#set-up-in-ca):- For an EAP-PEAP profile: * The CA root certificate in .pem format. This must be the root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. * The EAP intermediate certificate in .pem format. This is optional, depending on your network infrastructure. - For an EAP-TLS profile: * The CA root certificate. This must be the root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. * Client certificate for the terminals. * The client key.You need to provide the following certificates to [create a new Wi-Fi profile using API calls](#set-up-with-api):- For Enterprise EAP-PEAP and EAP-TLS, the CA root certificate in .pem format. This must be the root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. - For EAP-PEAP, the EAP intermediate certificate in .pem format (optional). - For EAP-TLS, the client certificate for the terminals in .pem format and the client key in .pem or .key format. | ## Wi-Fi network and profile types Adyen payment terminals support the following Wi-Fi networks: | WPA type | Authentication | Cipher suite | Encryption | | --------------- | ----------------- | ------------ | ---------- | | WPA-Personal | PSK | TKIP | RC4 | | WPA-Enterprise | EAP-PEAP, EAP-TLS | TKIP | RC4 | | WPA2-Personal | PSK | CCMP/TKIP | AES | | WPA2-Enterprise | EAP-PEAP, EAP-TLS | CCMP/TKIP | AES | The network properties are supplied to the terminal in an SSID profile, which we refer to as the Wi-Fi profile. This can be a local profile or a remote profile. * **Local Wi-Fi profile**: * Is managed locally on the terminal. * Supports WPA Personal and WPA2 Personal networks. However, we recommend using a remote Wi-Fi profile. * Doesn't support WPA Enterprise and WPA2 Enterprise networks. * [**Remote Wi-Fi profile** ](#remote-wi-fi-profile-types): * Is managed centrally. This allows you to: * Configure Wi-Fi settings in one place instead of on each individual terminal. * Implement changes in one place instead of on each individual terminal, for example when the PSK password or an EAP-PEAP certificate expires. * Is mandatory for WPA Enterprise and WPA2 Enterprise networks. * Also supports WPA Personal and WPA2 Personal networks. ### Remote Wi-Fi profile types You can set up the following remote Wi-Fi profiles: * **Enterprise EAP-PEAP**: a profile for WPA-Enterprise and WPA2-Enterprise networks using EAP-PEAP authentication. This type of authentication uses only server-side certificates. * **Enterprise EAP-TLS**: a profile for WPA-Enterprise and WPA2-Enterprise networks using EAP-TLS authentication. This type of authentication uses both server-side and client-side certificates. The authentication server of the Wi-Fi network validates the certificate of the Adyen-supplied payment terminal, and the terminal as Wi-Fi client validates the certificate of the authentication server. This makes it the most secure wireless network, but you need to manage more certificates. Because of the technical complexities, the option to create this type of profile is only available on demand. Contact your Adyen account manager. * **Personal PSK**: a profile for WPA-Personal and WPA2-Personal networks using PSK authentication. The account level where you need to configure your remote Wi-Fi profile depends on the network infrastructure architecture and the account structure in the Customer Area. For example, if there is a store-specific Wi-Fi network and the account is structured with stores, configure the remote Wi-Fi profile at the store level. ## Set up Wi-Fi profiles in the Customer Area You can set up remote Wi-Fi profiles in your Customer Area or [using API calls](#set-up-with-api). To use the Customer Area, select a tab below to see the instructions for the type of profile you want to set up. ### Tab: Enterprise EAP-PEAP #### Set up an Enterprise EAP-PEAP profile 1. Make sure that you have the following certificates converted to *.pem* format: * CA root certificate. This must be the root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. * EAP intermediate certificate. This is optional, depending on your network infrastructure. 2. Log in to your [Customer Area](https://ca-test.adyen.com/). 3. Switch to the merchant account or store that you want to configure a Wi-Fi profile for. 4. Go to **In-person payments** > **Terminal settings** > **Connectivity**. 5. Under **Wi-Fi profiles** select **Add a new Wi-Fi profile**.\ The **Wi-Fi Profile** dialog opens. 6. Complete the WI-FI SECURITY and WI-FI PROFILE settings: * **Authentication type**: select **wpa\_eap** for a WPA Enterprise network or **wpa2\_eap** for a WPA2 Enterprise network. * **Name**: name of the profile. * **SSID**: name of the wireless network. * **Hidden SSID**: indicates if a network doesn't broadcast its SSID. Mandatory for Android terminals, because these terminals rely on this setting to be able to connect to any network. * **Default**: select this checkbox if this is your preferred wireless network. The terminal will try connecting to that network first. 7. Complete the EAP SETTINGS: * **EAP**: select **peap**. The applicable fields appear. * **EAP Identity**: EAP-PEAP username from your MS-CHAP account. Must match the configuration of your RADIUS server. * **EAP Password**: EAP-PEAP password from your MS-CHAP account. Must match the configuration of your RADIUS server. * **EAP CA Cert**: upload the CA root certificate in *.pem* format. This must be the root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. * **EAP Intermediate Cert**: upload the EAP intermediate certificate in *.pem* format. * **Enter Domain Suffix**: only needed for [Android payment terminals](/point-of-sale/android-terminals#terminal-models) running Android 11 or higher such as the SFO1 payment terminal. **Domain Suffix** must: * Match the common name of your RADIUS server certificate. * Be in Fully Qualified Domain Name (FQDN) format. For example, \[hostname].\[domain].\[tld] or \[sub-domain].\[domain].\[tld]. 8. Complete the NETWORK SETTINGS, making sure they match your Wi-Fi infrastructure: * **Channel**: the recommended setting is *auto*. * **BSS Type**: the recommenced setting is *infra*. * **Encryption**: the recommended setting is *ccmp*. 9. Select **Save** in the dialog.\ The profile is added. 10. Optionally select the preferred Wi-Fi **Band** if your terminal supports both 2.4 GHz and 5 GHz. A terminal that supports both bands will connect to the 2.4 GHz band most of the time. If you want the terminal to connect to the less 'noisy' 5 GHz band, either select that here or disable 2.4 GHz on your network. 11. Select **Save** at the bottom of the terminal settings page. ### Tab: Enterprise EAP-TLS #### Set up an Enterprise EAP-TLS profile The TLS option is hidden by default. To make it available, contact your Adyen account manager. 1. Make sure that you have the following certificates/keys, either in a PFX bundle or as individual files: * CA root certificate. This must be the root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. * Client certificate for the terminals. * Client key. 2. Log in to your [Customer Area](https://ca-test.adyen.com/). 3. Switch to the merchant account or store that you want to configure a Wi-Fi profile for. 4. Go to **In-person payments** > **Terminal settings** > **Connectivity**. 5. Under **Wi-Fi profiles** select **Add a new Wi-Fi profile**.\ The **Wi-Fi Profile** dialog opens. 6. Complete the WI-FI SECURITY and WI-FI PROFILE settings: * **Authentication type**: select **wpa\_eap** for a WPA Enterprise network or **wpa2\_eap** for a WPA2 Enterprise network. * **Name**: the name of the profile. * **SSID**: the name of the wireless network. * **Hidden SSID**: indicates if a network doesn't broadcast its SSID. Mandatory for Android terminals, because these terminals rely on this setting to be able to connect to any network. * **Default**: select this checkbox if this is your preferred wireless network. The terminal will try connecting to that network first. * **Enter Domain Suffix**: only needed for [Android payment terminals](/point-of-sale/android-terminals#terminal-models) running Android 11 or higher. **Domain Suffix** must: * Match the common name of your RADIUS server certificate. * Be in Fully Qualified Domain Name (FQDN) format. For example, \[hostname].\[domain].\[tld] or \[sub-domain].\[domain].\[tld]. 7. Under EAP SETTINGS complete these boxes: * **EAP**: select **tls**. (Contact your account manager if you do not see the **tls** option.) The applicable fields appear. * **EAP Identity**: CommonName of the EAP client certificate. 8. Complete the remaining EAP SETTINGS depending on how you will provide the certificates and key: as separate files or in a PFX bundle. * To provide the certificates and key as separate files, proceed as follows: * **Use.pfx bundle**: do not select this checkbox. * **EAP CA Cert**: upload the CA root certificate in *.pem* format. This must be the root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. If applicable include intermediate certificates in the certificate chain. * **EAP Client Cert**: upload a file in *.pem* format containing the certificate chain for the terminals. All terminals in the same network will use the same EAP client certificate. * **EAP Client Key**: upload a file in *.key* or *.pem* format containing the RSA private key for the client. Include the begin and end lines `-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----`. * **EAP Client Key Password** (optional): if applicable, type the password protecting the file containing the RSA key. * To provide the certificates and key bundled into a PFX file, proceed as follows: * **Use.pfx bundle**: select this checkbox. * **Certificate file**: upload a file in *.pfx* format containing the certificates and key. * **Import password** (optional): if applicable, type the password protecting the PFX file. * **EAP Client Key Password** (optional): if applicable, type the password protecting the file containing the RSA key. 9. Complete the NETWORK SETTINGS, making sure they match your Wi-Fi infrastructure: * **Channel**: the recommended setting is *auto*. * **BSS Type**: the recommenced setting is *infra*. * **Encryption**: the recommended setting is *ccmp*. 10. Select **Save** in the dialog.\ The profile is added. 11. Optionally select the preferred Wi-Fi **Band** if your terminal supports both 2.4 GHz and 5 GHz. A terminal that supports both bands will connect to the 2.4 GHz band most of the time. If you want the terminal to connect to the less 'noisy' 5 GHz band, either select that here or disable 2.4 GHz on your network. 12. Select **Save** at the bottom of the terminal settings page. ### Tab: Personal PSK #### Set up a Personal PSK profile 1. Log in to your [Customer Area](https://ca-test.adyen.com/). 2. Switch to the merchant account or store that you want to configure a Wi-Fi profile for. 3. Go to **In-person payments** > **Terminal settings** > **Connectivity**. 4. Under **Wi-Fi profiles** select **Add a new Wi-Fi profile**.\ The **Wi-Fi Profile** dialog opens. 5. Complete the WI-FI SECURITY and WI-FI PROFILE settings: * **Authentication type**: select **wpa\_psk** for a WPA Personal network or **wpa2\_psk** for a WPA2 Personal network. * **Name**: the name of the profile. * **SSID**: the name of the wireless network. * **Hidden SSID**: indicates if a network doesn't broadcast its SSID. Mandatory for Android terminals, because these terminals rely on this setting to be able to connect to any network. * **PSK**: the password to your wireless network. * **Default**: select this checkbox if this is your preferred wireless network. The terminal will try connecting to that network first. 6. Complete the NETWORK SETTINGS, making sure they match your Wi-Fi infrastructure: * **Channel**: the recommended setting is *auto*. * **BSS Type**: the recommenced setting is *infra*. * **Encryption**: the recommended setting is *ccmp*. 7. Select **Save** in the dialog.\ The profile is added. 8. Optionally select the preferred Wi-Fi **Band** if your terminal supports both 2.4 GHz and 5 GHz. A terminal that supports both bands will connect to the 2.4 GHz band most of the time. If you want the terminal to connect to the less 'noisy' 5 GHz band, either select that here or disable 2.4 GHz on your network. 9. Select **Save** at the bottom of the terminal settings page. ## Set up Wi-Fi profiles using API calls Instead of [using your Customer Area](#set-up-in-ca), you can use our [Management API](/point-of-sale/automating-terminal-management/configure-terminals-api) to automate setting up remote Wi-Fi profiles. Wi-Fi profiles are considered sensitive settings because they affect the Terminal API communications. To manage Wi-Fi profiles, you need to have the following [role](/development-resources/api-credentials#api-permissions): * **Management API—Terminal Advanced settings read and write** Proceed as follows: 1. Optional. To see what remote Wi-Fi profile settings have already been configured, make a GET request to the `/terminalSettings` endpoint for the [company account](https://docs.adyen.com/api-explorer/Management/latest/get/companies/\(companyId\)/terminalSettings), [merchant account](https://docs.adyen.com/api-explorer/Management/latest/get/merchants/\(merchantId\)/terminalSettings), [store](https://docs.adyen.com/api-explorer/Management/latest/get/stores/\(storeId\)/terminalSettings) or [terminal](https://docs.adyen.com/api-explorer/Management/latest/get/terminals/\(terminalId\)/terminalSettings), and check the `wifiProfiles` object. When removing settings, you need to know the settings that will be [inherited](/point-of-sale/automating-terminal-management/configure-terminals-api#inheritance) from the next higher level. 2. For a new Enterprise EAP-PEAP or EAP-TLS Wi-Fi profile: 1. Make sure that you have the required certificates: * The CA root certificate in *.pem* format. This must be the root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. * For EAP-PEAP: the EAP intermediate certificate in *.pem* format (optional). * For EAP-TLS: the client certificate for the terminals in *.pem* format and the client key in *.pem* or *.key* format. 2. Convert each certificate file to a Base64-encoded string. 3. To create or update a Wi-Fi profile, make a PATCH request to the `/terminalSettings` endpoint for the account, store, or terminal. Use the following endpoints: * PATCH [/companies/{companyId}/terminalSettings](https://docs.adyen.com/api-explorer/Management/latest/patch/companies/\(companyId\)/terminalSettings) * PATCH [/merchants/{merchantId}/terminalSettings](https://docs.adyen.com/api-explorer/Management/latest/patch/merchants/\(merchantId\)/terminalSettings) * PATCH [/stores/{storeId}/terminalSettings](https://docs.adyen.com/api-explorer/Management/latest/patch/stores/\(storeId\)/terminalSettings) * PATCH [/terminals/{terminalId}/terminalSettings](https://docs.adyen.com/api-explorer/Management/latest/patch/terminals/\(terminalId\)/terminalSettings) In the request body, specify: * The general network [settings](https://docs.adyen.com/api-explorer/Management/latest/patch/stores/\(storeId\)/terminalSettings#request-wifiProfiles-settings): | Parameter | Data type | Required | Description | | --------- | --------- | -------- | -------------------------------------------------------------------------------------------------------------- | | `band` | String | | The preferred Wi-Fi Band, for use if the terminals support multiple bands. Possible values: All, 2.4GHz, 5GHz. | | `roaming` | Boolean | | Indicates if roaming is enabled on the terminals. | | `timeout` | Integer | | The connection time-out in seconds. Minimum value: **0** | * Specific parameters for each profile in the [profiles](https://docs.adyen.com/api-explorer/Management/latest/patch/stores/\(storeId\)/terminalSettings#request-wifiProfiles-profiles) array. For the parameters of different types of profiles, see the table below. ### Tab: EAP-PEAP profile For an [Enterprise EAP-PEAP Wi-Fi profile](/point-of-sale/design-your-integration/network-and-connectivity/wi-fi-profiles?tab=enterprise_eap_peap_1), use the following parameters: | Parameter | Data type | Required | Description | | --------------------- | ------------- | ------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `authType` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | The type of Wi-Fi network. Use the value **wpa-eap** for a WPA Enterprise network, or **wpa2-eap** for a WPA2 Enterprise network. | | `autoWifi` | Boolean | | Indicates whether to automatically select the best authentication method available. Does not work on older terminal models. | | `bssType` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | Use **infra** for infrastructure-based networks. This applies to most networks. Use **adhoc** only if the communication is p2p-based between base stations. | | `channel` | Integer | | Channel number of the Wi-Fi network. The recommended setting is **0** for automatic channel selection. | | `defaultProfile` | Boolean | | Indicates whether this is your preferred wireless network. If true, the terminal will try connecting to this network first. | | `eap` | String | | For `authType` **wpa-eap** or **wpa2-eap**. Use the value **peap**. (Other possible values: **tls**, **leap**, **fast**.) | | `eapCaCert` | Object (file) | | For `authType` **wpa-eap** or **wpa2-eap**. The root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. | | `eapIdentity` | String | | For `authType` **wpa-eap** or **wpa2-eap**. EAP-PEAP username from your MS-CHAP account. Must match the configuration of your RADIUS server. | | `eapIntermediateCert` | Object (file) | | For `eap` **peap**. The EAP intermediate certificate. | | `eapPwd` | String | | For `eap` **peap**. EAP-PEAP password from your MS-CHAP account. Must match the configuration of your RADIUS server. | | `hiddenSsid` | Boolean | | Indicates if a network doesn't broadcast its SSID. Mandatory for Android terminals, because these terminals rely on this setting to be able to connect to any network. | | `name` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | Your name for the Wi-Fi profile. | | `ssid` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | The name of the wireless network. | | `wsec` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | The type of encryption. Possible values: **auto**, **ccmp** (recommended), **tkip**. | The certificate file objects (`eapCaCert` and `eapIntermediateCert`) each consist of: | Parameter | Data type | Description | | --------- | --------- | -------------------------------------------------------------- | | `name` | String | Name of the certificate. Must be unique across Wi-Fi profiles. | | `data` | String | Certificate content converted to a Base64-encoded string. | **Create an Enterprise EAP-PEAP profile** #### curl ```bash curl https://management-test.adyen.com/v3/stores/{storeId}/terminalSettings \ -H 'x-API-key: ADYEN_API_KEY' \ -X PATCH \ -d '{ "wifiProfiles": { "profiles": [ { "authType": "wpa-eap", "autoWifi": "false", "bssType": "infra", "channel": 0, "defaultProfile": true, "eap": "peap", "eapCaCert": { "name": "ca.pem", "data": "...base64..." }, "eapIdentity": "store1234", "eapIntermediateCert": { "name": "intermediate.pem", "data": "...base64..." }, "eapPwd": "123456789", "hiddenSsid": false, "name": "YOUR_PROFILE", "ssid": "NETWORK_SSID", "wsec": "ccmp" } ], "settings": { "band": "All", "roaming": true, "timeout": 20 } } }' ``` #### Java ```java // Adyen Java API Library v25.0.0 import com.adyen.Client; import com.adyen.enums.Environment; import com.adyen.model.management.*; import java.time.OffsetDateTime; import java.util.*; import com.adyen.service.management.*; Client client = new Client("ADYEN_API_KEY", Environment.TEST); // Request objects File file1 = new File() .data("...base64...") .name("ca.pem"); File file2 = new File() .data("...base64...") .name("intermediate.pem"); Settings settings = new Settings() .roaming(true) .band("All") .timeout(20); Profile profile1 = new Profile() .bssType("infra") .eapCaCert(file1) .autoWifi(false) .channel(0) .defaultProfile(true) .eapPwd("123456789") .ssid("NETWORK_SSID") .wsec("ccmp") .eapIdentity("store1234") .eap("peap") .name("YOUR_PROFILE") .eapIntermediateCert(file2) .authType("wpa-eap") .hiddenSsid(false); WifiProfiles wifiProfiles = new WifiProfiles() .settings(settings) .profiles(Arrays.asList(profile1)); TerminalSettings terminalSettings = new TerminalSettings() .wifiProfiles(wifiProfiles); // Make the request TerminalSettingsStoreLevelApi service = new TerminalSettingsStoreLevelApi(client); TerminalSettings response = service.updateTerminalSettingsByStoreId("storeId", terminalSettings, null); ``` #### PHP ```php // Adyen PHP API Library v17.4.0 use Adyen\Client; use Adyen\Environment; use Adyen\Model\Management\Settings; use Adyen\Model\Management\Profile; use Adyen\Model\Management\File; use Adyen\Model\Management\WifiProfiles; use Adyen\Model\Management\TerminalSettings; use Adyen\Service\Management\TerminalSettingsStoreLevelApi; $client = new Client(); $client->setXApiKey("ADYEN_API_KEY"); $client->setEnvironment(Environment::TEST); // Request objects $file1 = new File(); $file1 ->setData("...base64...") ->setName("ca.pem"); $file2 = new File(); $file2 ->setData("...base64...") ->setName("intermediate.pem"); $settings = new Settings(); $settings ->setRoaming(true) ->setBand("All") ->setTimeout(20); $profile1 = new Profile(); $profile1 ->setBssType("infra") ->setEapCaCert($file1) ->setAutoWifi(false) ->setChannel(0) ->setDefaultProfile(true) ->setEapPwd("123456789") ->setSsid("NETWORK_SSID") ->setWsec("ccmp") ->setEapIdentity("store1234") ->setEap("peap") ->setName("YOUR_PROFILE") ->setEapIntermediateCert($file2) ->setAuthType("wpa-eap") ->setHiddenSsid(false); $wifiProfiles = new WifiProfiles(); $wifiProfiles ->setSettings($settings) ->setProfiles(array($profile1)); $terminalSettings = new TerminalSettings(); $terminalSettings ->setWifiProfiles($wifiProfiles); // Make the request $service = new TerminalSettingsStoreLevelApi($client); $response = $service->updateTerminalSettingsByStoreId('storeId', $terminalSettings); ``` #### C\# ```cs // Adyen .net API Library v14.3.0 using Adyen; using Environment = Adyen.Model.Environment; using Adyen.Model; using Adyen.Model.Management; using Adyen.Service.Management; var config = new Config() { XApiKey = "ADYEN_API_KEY", Environment = Environment.Test }; var client = new Client(config); // Fill in your request objects File file1 = new File { Data = "...base64...", Name = "ca.pem" }; File file2 = new File { Data = "...base64...", Name = "intermediate.pem" }; Settings settings = new Settings { Roaming = true, Band = "All", Timeout = 20 }; Profile profile1 = new Profile { BssType = "infra", EapCaCert = file1, AutoWifi = false, Channel = 0, DefaultProfile = true, EapPwd = "123456789", Ssid = "NETWORK_SSID", Wsec = "ccmp", EapIdentity = "store1234", Eap = "peap", Name = "YOUR_PROFILE", EapIntermediateCert = file2, AuthType = "wpa-eap", HiddenSsid = false }; WifiProfiles wifiProfiles = new WifiProfiles { Settings = settings, Profiles = new List{ profile1 } }; TerminalSettings terminalSettings = new TerminalSettings { WifiProfiles = wifiProfiles }; // Make the request var service = new TerminalSettingsStoreLevelService(client); var response = service.UpdateTerminalSettingsByStoreId("storeId", terminalSettings); ``` #### NodeJS (JavaScript) ```js // Adyen Node API Library v16.2.0 // Require the parts of the module you want to use const { Client, ManagementAPI } = require('@adyen/api-library'); // Initialize the client object const client = new Client({apiKey: "ADYEN_API_KEY", environment: "TEST"}); // Create the request object const terminalSettings = { wifiProfiles: { profiles: [ { authType: "wpa-eap", autoWifi: "false", bssType: "infra", channel: 0, defaultProfile: true, eap: "peap", eapCaCert: { name: "ca.pem", data: "...base64..." }, eapIdentity: "store1234", eapIntermediateCert: { name: "intermediate.pem", data: "...base64..." }, eapPwd: "123456789", hiddenSsid: false, name: "YOUR_PROFILE", ssid: "NETWORK_SSID", wsec: "ccmp" } ], settings: { band: "All", roaming: true, timeout: 20 } } } // Make the request const managementAPI = new ManagementAPI(client); const response = managementAPI.TerminalSettingsStoreLevelApi.updateTerminalSettingsByStoreId("storeId", terminalSettings); ``` #### Go ```go // Adyen Go API Library v9.2.0 import ( "context" "github.com/adyen/adyen-go-api-library/v9/src/common" "github.com/adyen/adyen-go-api-library/v9/src/adyen" "github.com/adyen/adyen-go-api-library/v9/src/management" ) client := adyen.NewClient(&common.Config{ ApiKey: "ADYEN_API_KEY", Environment: common.TestEnv, }) // Fill in your request objects file1 := management.File{ Data: "...base64...", Name: "ca.pem", } file2 := management.File{ Data: "...base64...", Name: "intermediate.pem", } settings := management.Settings{ Roaming: common.PtrBool(true), Band: common.PtrString("All"), Timeout: common.PtrInt32(20), } profile1 := management.Profile{ BssType: "infra", EapCaCert: &file1, AutoWifi: common.PtrBool(false), Channel: common.PtrInt32(0), DefaultProfile: common.PtrBool(true), EapPwd: common.PtrString("123456789"), Ssid: "NETWORK_SSID", Wsec: "ccmp", EapIdentity: common.PtrString("store1234"), Eap: common.PtrString("peap"), Name: common.PtrString("YOUR_PROFILE"), EapIntermediateCert: &file2, AuthType: "wpa-eap", HiddenSsid: common.PtrBool(false), } wifiProfiles := management.WifiProfiles{ Settings: &settings, Profiles: []management.Profile{ profile1, }, } terminalSettings := management.TerminalSettings{ WifiProfiles: &wifiProfiles, } // Make the request service := client.Management() req := service.TerminalSettingsStoreLevelApi.UpdateTerminalSettingsByStoreIdInput("storeId").TerminalSettings(terminalSettings) res, httpRes, err := service.TerminalSettingsStoreLevelApi.UpdateTerminalSettingsByStoreId(context.Background(), req) ``` #### Python ```py # Adyen Python API Library v12.2.0 import Adyen adyen = Adyen.Adyen() adyen.client.xapikey = "ADYEN_API_KEY" adyen.client.platform = "test" # The environment to use library in. json_request = { "wifiProfiles": { "profiles": [ { "authType": "wpa-eap", "autoWifi": "False", "bssType": "infra", "channel": 0, "defaultProfile": True, "eap": "peap", "eapCaCert": { "name": "ca.pem", "data": "...base64..." }, "eapIdentity": "store1234", "eapIntermediateCert": { "name": "intermediate.pem", "data": "...base64..." }, "eapPwd": "123456789", "hiddenSsid": False, "name": "YOUR_PROFILE", "ssid": "NETWORK_SSID", "wsec": "ccmp" } ], "settings": { "band": "All", "roaming": True, "timeout": 20 } } } result = adyen.management.terminal_settings_store_level_api.update_terminal_settings_by_store_id(request=json_request, storeId="storeId") ``` #### Ruby ```rb # Adyen Ruby API Library v9.2.0 require "adyen-ruby-api-library" adyen = Adyen::Client.new adyen.api_key = 'ADYEN_API_KEY' adyen.env = :test # Set to "live" for live environment request_body = { :wifiProfiles => { :profiles => [ { :authType => 'wpa-eap', :autoWifi => 'false', :bssType => 'infra', :channel => 0, :defaultProfile => true, :eap => 'peap', :eapCaCert => { :name => 'ca.pem', :data => '...base64...' }, :eapIdentity => 'store1234', :eapIntermediateCert => { :name => 'intermediate.pem', :data => '...base64...' }, :eapPwd => '123456789', :hiddenSsid => false, :name => 'YOUR_PROFILE', :ssid => 'NETWORK_SSID', :wsec => 'ccmp' } ], :settings => { :band => 'All', :roaming => true, :timeout => 20 } } } result = adyen.management.terminal_settings_store_level_api.update_terminal_settings_by_store_id(request_body, 'storeId') ``` #### NodeJS (TypeScript) ```ts // Adyen Node API Library v16.2.0 // Require the parts of the module you want to use import { Client, ManagementAPI, Types } from "@adyen/api-library"; // Initialize the client object const client = new Client({apiKey: "ADYEN_API_KEY", environment: "TEST"}); // Create the request objects const file1: Types.management.File = { data: "...base64...", name: "ca.pem" }; const file2: Types.management.File = { data: "...base64...", name: "intermediate.pem" }; const settings: Types.management.Settings = { roaming: true, band: "All", timeout: 20 }; const profile1: Types.management.Profile = { bssType: "infra", eapCaCert: file1, autoWifi: false, channel: 0, defaultProfile: true, eapPwd: "123456789", ssid: "NETWORK_SSID", wsec: "ccmp", eapIdentity: "store1234", eap: "peap", name: "YOUR_PROFILE", eapIntermediateCert: file2, authType: "wpa-eap", hiddenSsid: false }; const wifiProfiles: Types.management.WifiProfiles = { settings: settings, profiles: [profile1] }; const terminalSettings: Types.management.TerminalSettings = { wifiProfiles: wifiProfiles }; // Make the request const managementAPI = new ManagementAPI(client); const response = managementAPI.TerminalSettingsStoreLevelApi.updateTerminalSettingsByStoreId("storeId", terminalSettings); ``` ### Tab: EAP-TLS profile For an Enterprise EAP-TLS Wi-Fi profile, use the following parameters: | Parameter | Data type | Required | Description | | ---------------- | ------------- | ------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `authType` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | The type of Wi-Fi network. Use the value **wpa-eap** for a WPA Enterprise network, or **wpa2-eap** for a WPA2 Enterprise network. | | `autoWifi` | Boolean | | Indicates whether to automatically select the best authentication method available. Does not work on older terminal models. | | `bssType` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | Use **infra** for infrastructure-based networks. This applies to most networks. Use **adhoc** only if the communication is p2p-based between base stations. | | `channel` | Integer | | Channel number of the Wi-Fi network. The recommended setting is **0** for automatic channel selection. | | `defaultProfile` | Boolean | | Indicates whether this is your preferred wireless network. If true, the terminal will try connecting to this network first. | | `eap` | String | | For `authType` **wpa-eap** or **wpa2-eap**. Use the value **tls**. (Other possible values: **peap**, **leap**, **fast**.) | | `eapCaCert` | Object (file) | | For `authType` **wpa-eap** or **wpa2-eap**. The root certificate from the CA that signed the certificate of the RADIUS server that is part of your wireless network. | | `eapClientCert` | Object (file) | | For `eap` **tls**. The certificate chain for the terminals. All terminals in the same network will use the same EAP client certificate. | | `eapClientKey` | Object (file) | | For `eap` **tls**. The RSA private key for the client. Include the begin and end lines `-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----` | | `eapClientPwd` | String | | For `eap` **tls**. The password of the RSA key file, if that file is password-protected. | | `eapIdentity` | String | | For `authType` **wpa-eap** or **wpa2-eap**. CommonName of the EAP client certificate. | | `hiddenSsid` | Boolean | | Indicates if a network doesn't broadcast its SSID. Mandatory for Android terminals, because these terminals rely on this setting to be able to connect to any network. | | `name` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | Your name for the Wi-Fi profile. | | `ssid` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | The name of the wireless network. | | `wsec` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | The type of encryption. Possible values: **auto**, **ccmp** (recommended), **tkip**. | The certificate file objects (`eapCaCert`, `eapClientCert` and `eapClientKey`) each consist of: | Parameter | Data type | Description | | --------- | --------- | -------------------------------------------------------------- | | `name` | String | Name of the certificate. Must be unique across Wi-Fi profiles. | | `data` | String | Certificate content converted to a Base64-encoded string. | **Create an Enterprise EAP-TLS profile** #### curl ```bash curl https://management-test.adyen.com/v3/stores/{storeId}/terminalSettings \ -H 'x-API-key: ADYEN_API_KEY' \ -X PATCH \ -d '{ "wifiProfiles": { "profiles": [ { "authType": "wpa-eap", "autoWifi": "false", "bssType": "infra", "channel": 0, "defaultProfile": true, "eap": "tls", "eapCaCert": { "name": "ca.pem", "data": "...base64..." }, "eapClientCert": { "name": "client.pem", "data": "...base64..." }, "eapClientKey": { "name": "key.pem", "data": "...base64..." }, "eapClientPwd": "123456789", "eapIdentity": "store1234", "hiddenSsid": false, "name": "YOUR_PROFILE", "ssid": "NETWORK_SSID", "wsec": "ccmp" } ], "settings": { "band": "All", "roaming": true, "timeout": 20 } } }' ``` #### Java ```java // Adyen Java API Library v25.0.0 import com.adyen.Client; import com.adyen.enums.Environment; import com.adyen.model.management.*; import java.time.OffsetDateTime; import java.util.*; import com.adyen.service.management.*; Client client = new Client("ADYEN_API_KEY", Environment.TEST); // Request objects File file1 = new File() .data("...base64...") .name("ca.pem"); File file2 = new File() .data("...base64...") .name("client.pem"); File file3 = new File() .data("...base64...") .name("key.pem"); Settings settings = new Settings() .roaming(true) .band("All") .timeout(20); Profile profile1 = new Profile() .bssType("infra") .eapCaCert(file1) .autoWifi(false) .channel(0) .defaultProfile(true) .eapClientCert(file2) .eapClientPwd("123456789") .ssid("NETWORK_SSID") .wsec("ccmp") .eapClientKey(file3) .eapIdentity("store1234") .eap("tls") .name("YOUR_PROFILE") .authType("wpa-eap") .hiddenSsid(false); WifiProfiles wifiProfiles = new WifiProfiles() .settings(settings) .profiles(Arrays.asList(profile1)); TerminalSettings terminalSettings = new TerminalSettings() .wifiProfiles(wifiProfiles); // Make the request TerminalSettingsStoreLevelApi service = new TerminalSettingsStoreLevelApi(client); TerminalSettings response = service.updateTerminalSettingsByStoreId("storeId", terminalSettings, null); ``` #### PHP ```php // Adyen PHP API Library v17.4.0 use Adyen\Client; use Adyen\Environment; use Adyen\Model\Management\Settings; use Adyen\Model\Management\Profile; use Adyen\Model\Management\File; use Adyen\Model\Management\WifiProfiles; use Adyen\Model\Management\TerminalSettings; use Adyen\Service\Management\TerminalSettingsStoreLevelApi; $client = new Client(); $client->setXApiKey("ADYEN_API_KEY"); $client->setEnvironment(Environment::TEST); // Request objects $file1 = new File(); $file1 ->setData("...base64...") ->setName("ca.pem"); $file2 = new File(); $file2 ->setData("...base64...") ->setName("client.pem"); $file3 = new File(); $file3 ->setData("...base64...") ->setName("key.pem"); $settings = new Settings(); $settings ->setRoaming(true) ->setBand("All") ->setTimeout(20); $profile1 = new Profile(); $profile1 ->setBssType("infra") ->setEapCaCert($file1) ->setAutoWifi(false) ->setChannel(0) ->setDefaultProfile(true) ->setEapClientCert($file2) ->setEapClientPwd("123456789") ->setSsid("NETWORK_SSID") ->setWsec("ccmp") ->setEapClientKey($file3) ->setEapIdentity("store1234") ->setEap("tls") ->setName("YOUR_PROFILE") ->setAuthType("wpa-eap") ->setHiddenSsid(false); $wifiProfiles = new WifiProfiles(); $wifiProfiles ->setSettings($settings) ->setProfiles(array($profile1)); $terminalSettings = new TerminalSettings(); $terminalSettings ->setWifiProfiles($wifiProfiles); // Make the request $service = new TerminalSettingsStoreLevelApi($client); $response = $service->updateTerminalSettingsByStoreId('storeId', $terminalSettings); ``` #### C\# ```cs // Adyen .net API Library v14.3.0 using Adyen; using Environment = Adyen.Model.Environment; using Adyen.Model; using Adyen.Model.Management; using Adyen.Service.Management; var config = new Config() { XApiKey = "ADYEN_API_KEY", Environment = Environment.Test }; var client = new Client(config); // Fill in your request objects File file1 = new File { Data = "...base64...", Name = "ca.pem" }; File file2 = new File { Data = "...base64...", Name = "client.pem" }; File file3 = new File { Data = "...base64...", Name = "key.pem" }; Settings settings = new Settings { Roaming = true, Band = "All", Timeout = 20 }; Profile profile1 = new Profile { BssType = "infra", EapCaCert = file1, AutoWifi = false, Channel = 0, DefaultProfile = true, EapClientCert = file2, EapClientPwd = "123456789", Ssid = "NETWORK_SSID", Wsec = "ccmp", EapClientKey = file3, EapIdentity = "store1234", Eap = "tls", Name = "YOUR_PROFILE", AuthType = "wpa-eap", HiddenSsid = false }; WifiProfiles wifiProfiles = new WifiProfiles { Settings = settings, Profiles = new List{ profile1 } }; TerminalSettings terminalSettings = new TerminalSettings { WifiProfiles = wifiProfiles }; // Make the request var service = new TerminalSettingsStoreLevelService(client); var response = service.UpdateTerminalSettingsByStoreId("storeId", terminalSettings); ``` #### NodeJS (JavaScript) ```js // Adyen Node API Library v16.2.0 // Require the parts of the module you want to use const { Client, ManagementAPI } = require('@adyen/api-library'); // Initialize the client object const client = new Client({apiKey: "ADYEN_API_KEY", environment: "TEST"}); // Create the request object const terminalSettings = { wifiProfiles: { profiles: [ { authType: "wpa-eap", autoWifi: "false", bssType: "infra", channel: 0, defaultProfile: true, eap: "tls", eapCaCert: { name: "ca.pem", data: "...base64..." }, eapClientCert: { name: "client.pem", data: "...base64..." }, eapClientKey: { name: "key.pem", data: "...base64..." }, eapClientPwd: "123456789", eapIdentity: "store1234", hiddenSsid: false, name: "YOUR_PROFILE", ssid: "NETWORK_SSID", wsec: "ccmp" } ], settings: { band: "All", roaming: true, timeout: 20 } } } // Make the request const managementAPI = new ManagementAPI(client); const response = managementAPI.TerminalSettingsStoreLevelApi.updateTerminalSettingsByStoreId("storeId", terminalSettings); ``` #### Go ```go // Adyen Go API Library v9.2.0 import ( "context" "github.com/adyen/adyen-go-api-library/v9/src/common" "github.com/adyen/adyen-go-api-library/v9/src/adyen" "github.com/adyen/adyen-go-api-library/v9/src/management" ) client := adyen.NewClient(&common.Config{ ApiKey: "ADYEN_API_KEY", Environment: common.TestEnv, }) // Fill in your request objects file1 := management.File{ Data: "...base64...", Name: "ca.pem", } file2 := management.File{ Data: "...base64...", Name: "client.pem", } file3 := management.File{ Data: "...base64...", Name: "key.pem", } settings := management.Settings{ Roaming: common.PtrBool(true), Band: common.PtrString("All"), Timeout: common.PtrInt32(20), } profile1 := management.Profile{ BssType: "infra", EapCaCert: &file1, AutoWifi: common.PtrBool(false), Channel: common.PtrInt32(0), DefaultProfile: common.PtrBool(true), EapClientCert: &file2, EapClientPwd: common.PtrString("123456789"), Ssid: "NETWORK_SSID", Wsec: "ccmp", EapClientKey: &file3, EapIdentity: common.PtrString("store1234"), Eap: common.PtrString("tls"), Name: common.PtrString("YOUR_PROFILE"), AuthType: "wpa-eap", HiddenSsid: common.PtrBool(false), } wifiProfiles := management.WifiProfiles{ Settings: &settings, Profiles: []management.Profile{ profile1, }, } terminalSettings := management.TerminalSettings{ WifiProfiles: &wifiProfiles, } // Make the request service := client.Management() req := service.TerminalSettingsStoreLevelApi.UpdateTerminalSettingsByStoreIdInput("storeId").TerminalSettings(terminalSettings) res, httpRes, err := service.TerminalSettingsStoreLevelApi.UpdateTerminalSettingsByStoreId(context.Background(), req) ``` #### Python ```py # Adyen Python API Library v12.2.0 import Adyen adyen = Adyen.Adyen() adyen.client.xapikey = "ADYEN_API_KEY" adyen.client.platform = "test" # The environment to use library in. json_request = { "wifiProfiles": { "profiles": [ { "authType": "wpa-eap", "autoWifi": "False", "bssType": "infra", "channel": 0, "defaultProfile": True, "eap": "tls", "eapCaCert": { "name": "ca.pem", "data": "...base64..." }, "eapClientCert": { "name": "client.pem", "data": "...base64..." }, "eapClientKey": { "name": "key.pem", "data": "...base64..." }, "eapClientPwd": "123456789", "eapIdentity": "store1234", "hiddenSsid": False, "name": "YOUR_PROFILE", "ssid": "NETWORK_SSID", "wsec": "ccmp" } ], "settings": { "band": "All", "roaming": True, "timeout": 20 } } } result = adyen.management.terminal_settings_store_level_api.update_terminal_settings_by_store_id(request=json_request, storeId="storeId") ``` #### Ruby ```rb # Adyen Ruby API Library v9.2.0 require "adyen-ruby-api-library" adyen = Adyen::Client.new adyen.api_key = 'ADYEN_API_KEY' adyen.env = :test # Set to "live" for live environment request_body = { :wifiProfiles => { :profiles => [ { :authType => 'wpa-eap', :autoWifi => 'false', :bssType => 'infra', :channel => 0, :defaultProfile => true, :eap => 'tls', :eapCaCert => { :name => 'ca.pem', :data => '...base64...' }, :eapClientCert => { :name => 'client.pem', :data => '...base64...' }, :eapClientKey => { :name => 'key.pem', :data => '...base64...' }, :eapClientPwd => '123456789', :eapIdentity => 'store1234', :hiddenSsid => false, :name => 'YOUR_PROFILE', :ssid => 'NETWORK_SSID', :wsec => 'ccmp' } ], :settings => { :band => 'All', :roaming => true, :timeout => 20 } } } result = adyen.management.terminal_settings_store_level_api.update_terminal_settings_by_store_id(request_body, 'storeId') ``` #### NodeJS (TypeScript) ```ts // Adyen Node API Library v16.2.0 // Require the parts of the module you want to use import { Client, ManagementAPI, Types } from "@adyen/api-library"; // Initialize the client object const client = new Client({apiKey: "ADYEN_API_KEY", environment: "TEST"}); // Create the request objects const file1: Types.management.File = { data: "...base64...", name: "ca.pem" }; const file2: Types.management.File = { data: "...base64...", name: "client.pem" }; const file3: Types.management.File = { data: "...base64...", name: "key.pem" }; const settings: Types.management.Settings = { roaming: true, band: "All", timeout: 20 }; const profile1: Types.management.Profile = { bssType: "infra", eapCaCert: file1, autoWifi: false, channel: 0, defaultProfile: true, eapClientCert: file2, eapClientPwd: "123456789", ssid: "NETWORK_SSID", wsec: "ccmp", eapClientKey: file3, eapIdentity: "store1234", eap: "tls", name: "YOUR_PROFILE", authType: "wpa-eap", hiddenSsid: false }; const wifiProfiles: Types.management.WifiProfiles = { settings: settings, profiles: [profile1] }; const terminalSettings: Types.management.TerminalSettings = { wifiProfiles: wifiProfiles }; // Make the request const managementAPI = new ManagementAPI(client); const response = managementAPI.TerminalSettingsStoreLevelApi.updateTerminalSettingsByStoreId("storeId", terminalSettings); ``` ### Tab: PSK profile For a [Personal PSK Wi-Fi profile](/point-of-sale/design-your-integration/network-and-connectivity/wi-fi-profiles?tab=personal_psk_3) use the following parameters: | Parameter | Data type | Required | Description | | ---------------- | --------- | ------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `authType` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | The type of Wi-Fi network. Use the value **wpa-psk** for a WPA Personal network, or **wpa2-psk** for a WPA2 Personal network. | | `autoWifi` | Boolean | | Indicates whether to automatically select the best authentication method available. Does not work on older terminal models. | | `bssType` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | Use **infra** for infrastructure-based networks. This applies to most networks. Use **adhoc** only if the communication is p2p-based between base stations. | | `channel` | Integer | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | Channel number of the Wi-Fi network. The recommended setting is **0** for automatic channel selection. | | `defaultProfile` | Boolean | | Indicates whether this is your preferred wireless network. If true, the terminal will try connecting to this network first. | | `hiddenSsid` | Boolean | | Indicates if a network doesn't broadcast its SSID. Mandatory for Android terminals, because these terminals rely on this setting to be able to connect to any network. | | `name` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | Your name for the Wi-Fi profile. | | `psk` | String | | For `authType` **wpa-psk** or **wpa2-psk**. The password to the wireless network. | | `ssid` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | The name of the wireless network. | | `wsec` | String | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | The type of encryption. Possible values: **auto**, **ccmp** (recommended), **tkip**. | **Create a Personal PSK profile** #### curl ```bash curl https://management-test.adyen.com/v3/stores/{storeId}/terminalSettings \ -H 'x-API-key: ADYEN_API_KEY' \ -X PATCH \ -d '{ "wifiProfiles": { "profiles": [ { "authType": "wpa-psk", "autoWifi": "false", "bssType": "infra", "channel": 11, "defaultProfile": false, "name": "YOUR_SECONDARY_PROFILE", "psk": "NETWORK_PASSWORD", "ssid": "NETWORK_SSID", "wsec": "ccmp" } ], "settings": { "band": "All", "roaming": true, "timeout": 20 } } }' ``` #### Java ```java // Adyen Java API Library v25.0.0 import com.adyen.Client; import com.adyen.enums.Environment; import com.adyen.model.management.*; import java.time.OffsetDateTime; import java.util.*; import com.adyen.service.management.*; Client client = new Client("ADYEN_API_KEY", Environment.TEST); // Request objects Settings settings = new Settings() .roaming(true) .band("All") .timeout(20); Profile profile1 = new Profile() .bssType("infra") .autoWifi(false) .channel(11) .name("YOUR_SECONDARY_PROFILE") .psk("NETWORK_PASSWORD") .defaultProfile(false) .authType("wpa-psk") .ssid("NETWORK_SSID") .wsec("ccmp"); WifiProfiles wifiProfiles = new WifiProfiles() .settings(settings) .profiles(Arrays.asList(profile1)); TerminalSettings terminalSettings = new TerminalSettings() .wifiProfiles(wifiProfiles); // Make the request TerminalSettingsStoreLevelApi service = new TerminalSettingsStoreLevelApi(client); TerminalSettings response = service.updateTerminalSettingsByStoreId("storeId", terminalSettings, null); ``` #### PHP ```php // Adyen PHP API Library v17.4.0 use Adyen\Client; use Adyen\Environment; use Adyen\Model\Management\Settings; use Adyen\Model\Management\Profile; use Adyen\Model\Management\WifiProfiles; use Adyen\Model\Management\TerminalSettings; use Adyen\Service\Management\TerminalSettingsStoreLevelApi; $client = new Client(); $client->setXApiKey("ADYEN_API_KEY"); $client->setEnvironment(Environment::TEST); // Request objects $settings = new Settings(); $settings ->setRoaming(true) ->setBand("All") ->setTimeout(20); $profile1 = new Profile(); $profile1 ->setBssType("infra") ->setAutoWifi(false) ->setChannel(11) ->setName("YOUR_SECONDARY_PROFILE") ->setPsk("NETWORK_PASSWORD") ->setDefaultProfile(false) ->setAuthType("wpa-psk") ->setSsid("NETWORK_SSID") ->setWsec("ccmp"); $wifiProfiles = new WifiProfiles(); $wifiProfiles ->setSettings($settings) ->setProfiles(array($profile1)); $terminalSettings = new TerminalSettings(); $terminalSettings ->setWifiProfiles($wifiProfiles); // Make the request $service = new TerminalSettingsStoreLevelApi($client); $response = $service->updateTerminalSettingsByStoreId('storeId', $terminalSettings); ``` #### C\# ```cs // Adyen .net API Library v14.3.0 using Adyen; using Environment = Adyen.Model.Environment; using Adyen.Model; using Adyen.Model.Management; using Adyen.Service.Management; var config = new Config() { XApiKey = "ADYEN_API_KEY", Environment = Environment.Test }; var client = new Client(config); // Fill in your request objects Settings settings = new Settings { Roaming = true, Band = "All", Timeout = 20 }; Profile profile1 = new Profile { BssType = "infra", AutoWifi = false, Channel = 11, Name = "YOUR_SECONDARY_PROFILE", Psk = "NETWORK_PASSWORD", DefaultProfile = false, AuthType = "wpa-psk", Ssid = "NETWORK_SSID", Wsec = "ccmp" }; WifiProfiles wifiProfiles = new WifiProfiles { Settings = settings, Profiles = new List{ profile1 } }; TerminalSettings terminalSettings = new TerminalSettings { WifiProfiles = wifiProfiles }; // Make the request var service = new TerminalSettingsStoreLevelService(client); var response = service.UpdateTerminalSettingsByStoreId("storeId", terminalSettings); ``` #### NodeJS (JavaScript) ```js // Adyen Node API Library v16.2.0 // Require the parts of the module you want to use const { Client, ManagementAPI } = require('@adyen/api-library'); // Initialize the client object const client = new Client({apiKey: "ADYEN_API_KEY", environment: "TEST"}); // Create the request object const terminalSettings = { wifiProfiles: { profiles: [ { authType: "wpa-psk", autoWifi: "false", bssType: "infra", channel: 11, defaultProfile: false, name: "YOUR_SECONDARY_PROFILE", psk: "NETWORK_PASSWORD", ssid: "NETWORK_SSID", wsec: "ccmp" } ], settings: { band: "All", roaming: true, timeout: 20 } } } // Make the request const managementAPI = new ManagementAPI(client); const response = managementAPI.TerminalSettingsStoreLevelApi.updateTerminalSettingsByStoreId("storeId", terminalSettings); ``` #### Go ```go // Adyen Go API Library v9.2.0 import ( "context" "github.com/adyen/adyen-go-api-library/v9/src/common" "github.com/adyen/adyen-go-api-library/v9/src/adyen" "github.com/adyen/adyen-go-api-library/v9/src/management" ) client := adyen.NewClient(&common.Config{ ApiKey: "ADYEN_API_KEY", Environment: common.TestEnv, }) // Fill in your request objects settings := management.Settings{ Roaming: common.PtrBool(true), Band: common.PtrString("All"), Timeout: common.PtrInt32(20), } profile1 := management.Profile{ BssType: "infra", AutoWifi: common.PtrBool(false), Channel: common.PtrInt32(11), Name: common.PtrString("YOUR_SECONDARY_PROFILE"), Psk: common.PtrString("NETWORK_PASSWORD"), DefaultProfile: common.PtrBool(false), AuthType: "wpa-psk", Ssid: "NETWORK_SSID", Wsec: "ccmp", } wifiProfiles := management.WifiProfiles{ Settings: &settings, Profiles: []management.Profile{ profile1, }, } terminalSettings := management.TerminalSettings{ WifiProfiles: &wifiProfiles, } // Make the request service := client.Management() req := service.TerminalSettingsStoreLevelApi.UpdateTerminalSettingsByStoreIdInput("storeId").TerminalSettings(terminalSettings) res, httpRes, err := service.TerminalSettingsStoreLevelApi.UpdateTerminalSettingsByStoreId(context.Background(), req) ``` #### Python ```py # Adyen Python API Library v12.2.0 import Adyen adyen = Adyen.Adyen() adyen.client.xapikey = "ADYEN_API_KEY" adyen.client.platform = "test" # The environment to use library in. json_request = { "wifiProfiles": { "profiles": [ { "authType": "wpa-psk", "autoWifi": "False", "bssType": "infra", "channel": 11, "defaultProfile": False, "name": "YOUR_SECONDARY_PROFILE", "psk": "NETWORK_PASSWORD", "ssid": "NETWORK_SSID", "wsec": "ccmp" } ], "settings": { "band": "All", "roaming": True, "timeout": 20 } } } result = adyen.management.terminal_settings_store_level_api.update_terminal_settings_by_store_id(request=json_request, storeId="storeId") ``` #### Ruby ```rb # Adyen Ruby API Library v9.2.0 require "adyen-ruby-api-library" adyen = Adyen::Client.new adyen.api_key = 'ADYEN_API_KEY' adyen.env = :test # Set to "live" for live environment request_body = { :wifiProfiles => { :profiles => [ { :authType => 'wpa-psk', :autoWifi => 'false', :bssType => 'infra', :channel => 11, :defaultProfile => false, :name => 'YOUR_SECONDARY_PROFILE', :psk => 'NETWORK_PASSWORD', :ssid => 'NETWORK_SSID', :wsec => 'ccmp' } ], :settings => { :band => 'All', :roaming => true, :timeout => 20 } } } result = adyen.management.terminal_settings_store_level_api.update_terminal_settings_by_store_id(request_body, 'storeId') ``` #### NodeJS (TypeScript) ```ts // Adyen Node API Library v16.2.0 // Require the parts of the module you want to use import { Client, ManagementAPI, Types } from "@adyen/api-library"; // Initialize the client object const client = new Client({apiKey: "ADYEN_API_KEY", environment: "TEST"}); // Create the request objects const settings: Types.management.Settings = { roaming: true, band: "All", timeout: 20 }; const profile1: Types.management.Profile = { bssType: "infra", autoWifi: false, channel: 11, name: "YOUR_SECONDARY_PROFILE", psk: "NETWORK_PASSWORD", defaultProfile: false, authType: "wpa-psk", ssid: "NETWORK_SSID", wsec: "ccmp" }; const wifiProfiles: Types.management.WifiProfiles = { settings: settings, profiles: [profile1] }; const terminalSettings: Types.management.TerminalSettings = { wifiProfiles: wifiProfiles }; // Make the request const managementAPI = new ManagementAPI(client); const response = managementAPI.TerminalSettingsStoreLevelApi.updateTerminalSettingsByStoreId("storeId", terminalSettings); ``` 4. When you receive the response, note that this returns the entire configuration at the level where you made the request. ## Load profiles on the terminal #### First-time use When you have set up a remote Wi-Fi profile and are going to use the terminal for the first time: 1. Set up a temporary internet connection on the terminal. For the temporary connection, you can use the alternative connectivity options of the terminal (if any) such as Ethernet or 3G/4G cellular, or connect to a (Personal) Wi-Fi network that doesn't require a remote profile. 2. Board the terminal. During boarding, the terminal retrieves its configuration including the Wi-Fi profile. The terminal then automatically reconnects to the internet using the network settings specified in the Wi-Fi profile. #### Updates An already-boarded terminal will receive a new Wi-Fi profile or changes to an existing Wi-Fi profile through the regular automatic maintenance call. Because the Wi-Fi profile is part of the terminal configuration, you can also obtain it manually by downloading the latest configuration: on the terminal, [open the Admin menu](/point-of-sale/pos-troubleshooting/terminal-turns-on/admin-pin) and select **Config** > **Update**. #### Verifying To check whether the terminal is using a remote Wi-Fi profile: 1. On the terminal, [open the Admin menu](/point-of-sale/pos-troubleshooting/terminal-turns-on/admin-pin) and go to **Network** > **Wi-Fi**. 2. Select the **info** icon **for the network you are interested in. 3. Check the **Added** field: * **via CA**: a remote Wi-Fi profile from your Customer Area has been applied. * **local on device**: the terminal is not using a remote Wi-Fi profile. ## Manage changes using multiple-node Wi-Fi profiles Over time, changes will occur in your wireless network: * [Certificates are about to expire](#know-when-certificates-expire). * The EAP-PEAP username and password need to change. * The PSK needs to be reset. * You want to migrate to a different network, for example from a Personal network to an Enterprise network. To manage such changes you can configure multiple Wi-Fi profiles or "profile nodes" for **the same SSID**. Each profile node for the SSID contains a different configuration. For example: * Profile node 1, which is the first profile you configured, contains the current certificates. * Profile node 2, which you configured next, contains the new certificates that will be needed when the current certificates expire. The terminal tries to connect to the SSID using the available profile nodes one by one until it succeeds in establishing a connection. The next time the terminal tries to connect, as when rebooting or updating the software, it will start with the same profile node that it used for the previous successful connection. If the terminal has established a connection, but the corresponding profile node fails, the terminal starts again trying to connect using the profile nodes one by one. If a profile is outdated, you can remove it. ## Know when certificates expire To establish a safe Wi-Fi connection, Enterprise Wi-Fi profiles must include certificates for server validation and client authentication. When such a certificate expires, terminals cannot connect to the Wi-Fi network. To prevent connection problems, you can prepare a new profile node with new certificates, as described under [Manage changes](#manage-changes-with-multi-node-wi-fi-profiles). But to do this in time, it is important to know when the current Wi-Fi profile certificates expire. You can stay informed as follows: * Look up the expiry date and other details of uploaded EAP-PEAP and EAP-TLS certificates in your [Customer Area](https://ca-test.adyen.com/) under **In-person payments** > **Terminal settings** > **Connectivity** > **Wi-Fi profiles**. * Enable receiving emails before a certificate expires. We'll send an email 90, 60, 30, 7, and 3 days before the expiry date. To set this up: 1. In your [Customer Area](https://ca-test.adyen.com/), go to **In-person payments** > **Terminal settings** > **Connectivity** > **Wi-Fi profiles**. 2. Enable **Receive emails about expiring certificates**. 3. Under **Contact list**, add one or more email addresses. 4. Select **Save**. ## Security recommendations PCI DSS sets requirements for secure cryptographic protocols. If you do not meet these requirements, payment terminals using EAP-TLS and EAP-PEAP Wi-Fi profiles will not be able to connect to your Wi-Fi network to process transactions. To prevent Wi-Fi authentication failure, make sure that: * The size of RSA keys used by the Certification Authority is 2048 bytes or more. * You only use secure hash algorithms from the SHA2 and SHA3 family. * You do not use ciphers from SHA1 and MDA5 groups. * Your RADIUS server supports the TLS 1.2 protocol or later. ## See also * [Wi-Fi recommendations](/point-of-sale/design-your-integration/network-and-connectivity/network-configuration#wi-fi-recommendations) * [Use API calls to configure terminals](/point-of-sale/automating-terminal-management/configure-terminals-api)