API Key

Authentication by access key

When you make payment requests to the Monext Online API, you must submit your Merchand ID and Merchant Access Key for HTTP authentication.

Monext Online will not accept your requests if they are not properly authenticated.

🚧

Never share your Merchant Access Key with a third party.

Monext Online uses your access key to identify you as the sender of your payment requests. No one at Monext knows it and will not ask you for this information.

HTTP Basic Authentication Method

Monext Online uses the HTTP Basic Authentication mechanism to authenticate subscribed merchants.

If your merchant account ID is 1234567890 and your access key is DJMESHXYou6LmjQFdH, you must base64 1234567890:DJMESHXYou6LmjQFdH.
The resulting string is to be added to the HTTP header as in the example below:

Authorization : Basic MTIzNDU2Nzg5MdpESk1FU0hYWW91NkxtalFGZEg=

Depending on the programming language, the identifier and access key are automatically encoded in base64 and added to the HTTP header.

Thanks to this mechanism, you optimally secure your computer exchanges between your applications and Payline and ensure:

  • authentication of interlocutors: your servers and Payline servers,
  • the integrity of the messages,
  • data encryption.