Back Office
Some of our features are available via both the Merchant Portal and the Back Office. If you are using the Back Office, learn here how to manage these.
Back Office vs Merchant Portal
Both the Merchant Portal and the Back Office have separate login pages and a distinctive user interface layout.
To make sure which one you are currently using, refer to these screenshots / login Urls.
Back Office
Back Office test login Back Office live loginMerchant Portal
Merchant Portal test login Merchant Portal live login
API key/secret configuration
Our Direct API's authentication mechanism is based on a API key/secret pair linked to your PSPID. Follow these steps:
- Login to the Back Office. Go to Configuration > Technical information > API settings > Direct API Key
- If you have not configured anything yet, the screen shows “No api credential found”. To create both API Key and API Secret click on “GENERATE”
- The screen now shows both codes in the table in the “Key” / “Secret” column respectively
Key | The current key configured in this PSPID |
Version date | The date when the Key/Secret pair was created |
Expiration date | The date when the Key/Secret pair will expire. Default time of permanency is two years |
Status | The current status of the API key/secret pair
|
If you wish to use a new API Key and API Secret, follow these steps
- Select a period from the drop down menu “leave valid for X hour(s)”. Click on the “RENEW” button. The currently used API Key/Secret pair will expire after the date as defined in “Expiration date”
- At the same time, a new API Key/Secret appears in the first line of the table. Make sure to save the API Secret in your system, as it will not be visible in the Back Office anymore once you access this menu anew
- To force an immediate expiration of the expiring API Key/Secret, click on “EXPIRE”. Our platform removes the respective API Key/Secret from the table and our platform, making it unusable for requests
Webhooks key
Direct uses Webhooks to update your database about transaction results and status changes. Follow these steps:
- Login to the Back Office. Go to Configuration > Technical information > API settings > Webhooks Configuration
- Click on "GENERATE WEBHOOKS API KEY" or enter the desired webhooks api key manually. The "WebhooksKey" is used to validate the messages as legitimate data transfer between our platform and your server. If you use one of our SDKs, this process happens automatically. If you choose to build your own application, make sure to include it
- In "Endpoint URLs", enter your webhook destination(s) on your server. Enter any additional URL in a separate line
- Click on "SAVE" to confirm your settings
- To process the incoming webhooks in your system, you need to build an application on an HTTPS endpoint on your server. It should be able to
- Translate JSON into objects and signature verification. Our Server SDKs help you achieve this
- Respond to a GET action and echo the 'X-GCS-Webhooks-Endpoint-Verification' header value in the body
- Respond to the POST action with a 2XX status code for all events delivered
- Validate the signature on the message