Setting up your API Authentication
API Authentication
To make a call to the PPRO API, you need an API key. The API key is unique to your account and is a sensitive piece of information that should never be exposed publicly or used on the client side.
Every API call must include the API key, passed as a Bearer token in the Authorization
header of the HTTP request.
You must also include the individual merchant account identifier in a Merchant-Id
HTTP request header.
POST /v1/payment-charges HTTP/1.1
Host: api.sandbox.eu.ppro.com
Content-Type: application/json
Accept: application/json
Authorization: Bearer key_sandbox_e14fxEqGY1wIJORfA7PtA
Merchant-Id: merch_hW14dQxwNJiBA0buG4L2p
{..}
Sandbox vs. Live APIs
To start handling payments with real money movement, your account must be activated, and you need to use the api.ppro.com host instead of the sandbox with your live credentials.
Live API: <https://api.eu.ppro.com>
Sandbox API: <https://api.sandbox.eu.ppro.com>
Providing invalid credentials will result in a 401 Unauthorized response status code.
{
"message": "Unauthorized"
}