Barion Shop Authentication: Difference between revisions

From Barion Documentation
Jump to navigation Jump to search
(create page initial version)
 
m (added header parameter section)
Line 28: Line 28:


[[File:Poskey.jpg]]
[[File:Poskey.jpg]]
= Header-based Barion shop authentication =
The latest generation of Barion API endpoints require header-based authentication, that is, you'll need to pass your Barion shop's POS key as the <code>x-pos-key<code> header parameter instead of as a query parameter.

Revision as of 09:47, 22 April 2024

What is shop authentication?

The API endpoints related to handling the payment flow of a shop are accessible using the shop's own unique API key, a so called POS key. For a full list of such endpoints see List of Barion API endpoints.

Using POS keys

To use an endpoint which requires shop-level authentication, put your API key in the request's body in a property named PosKey:

   {
     ...,
     "PosKey": "00000000-0000-0000-0000-000000000000",
     ...
   }

or in the case of a GET request, in the url query string with the same key.

Errors

If the key is invalid you will receive an AuthenticationFailed error.

Managing POS keys

A POS key is automatically generated for your shop when you create it, and cannot be changed later. To obtain it, either

  • get the key from the confirmation e-mail that was sent to you when you opened the shop, or
  • go to the shop's detail page on the Barion secure site and use the Secret key value (secure.barion.com -> Manage my shops -> Details)

Be aware that the test and live environment are completely separate environments, you need to create different shops. Make sure that you use the POSkey and not the public key:

Header-based Barion shop authentication

The latest generation of Barion API endpoints require header-based authentication, that is, you'll need to pass your Barion shop's POS key as the x-pos-key header parameter instead of as a query parameter.