To access the PPRO API, you must use an API key. This key is unique to your account and is considered sensitive information, never expose it publicly or include it in client-side code.

Every API request must include your API key as a Bearer token in the Authorization header of the HTTP request:

Authorization: Bearer key_sandbox_e14fxEqGY1wIJORfA7PtA

👍
Sandbox vs Live
PPRO provides separate environments for testing and production to help you safely develop and deploy your integration.
To process real payments, use your live credentials and the live API host (api.ppro.com). Sandbox credentials only work in the sandbox environment.
Environment Purpose How to Obtain
Sandbox Test integration Provided when your sandbox account is created.
Live Access production APIs Provided when when integration is complete.
API endpoints
Live API: https://api.eu.ppro.com
Sandbox API: https://api.sandbox.eu.ppro.com

Environment	Purpose	How to Obtain
Sandbox	Test integration	Provided when your sandbox account is created.
Live	Access production APIs	Provided when when integration is complete.

Additional headers

Some endpoints require extra HTTP headers in addition to the standard Authorization header. These headers provide context about the merchant or payment service provider (PSP) making the request.

Common Additional Headers

Header	Description	Required For
`Merchant-Id`	Identifies the merchant account associated with the request	Selected endpoints, typically for payments
`Psp-Id`	Identifies the Payment Service Provider initiating the request	Certain PSP-specific endpoints such as boarding

❗️
Important: Only include these headers when required by the endpoint. Using them unnecessarily may cause the request to fail.

Example

POST /v1/payment-charges HTTP/1.1
Host: api.sandbox.eu.ppro.com
Authorization: Bearer {YOUR_API_KEY}
Merchant-Id: {YOUR_MERCHANT_ID}
Content-Type: application/json

Providing invalid credentials will result in a 401 Unauthorized response status code.

{
    "message": "Unauthorized"
}