API Credentials

PaySimple assigns API credentials to each merchant or reseller account. Your production API username and API key will be delivered via encrypted email. Please ensure the API key is stored encrypted in a secured location on your server, and never sent to a browser or via unencrypted email.

Authorization Header

PaySimple requires an Authorization Header to be included in each request your backend service makes to the API. The header value will vary in format depending if you are using a merchant or reseller key.

Merchant Authorization

Using your PaySimple API username as the user name and API key as the password, use basic as the authorization header scheme. This is similar to the standard basic authorization scheme, but there is no Base64 encoding.

Example Merchant Authorization Header:

basic APIUser1225:YhLB81Vofv6Zndxc6QLkdmbaKwdKPawyoKOJ6eWrBJYmDPIKNWTDtwbvkcDIbVR0pVR8RYJKOfIskjBiDtdSV4d1R2FzEv3hmCtlTjdmgpQg41vhscg5juCO0tqTE6r0

Reseller Authorization

If you are issued a reseller API key, input the string reseller as the authorization header scheme, followed by a space and the reseller API key. You can then access reseller level API endpoints.

Example Reseller Authorization Header:

reseller 218|YhLB81Vofv6Zndxc6QLkdmbaKwdKPawyoKOJ6eWrBJYmDPIKNWTDtwbvkcDIbVR0pVR8RYJKOfIskjBiDtdSV4d1R2FzEv3hmCtlTjdmgpQg41vhscg5juCO0tqTE6r0

If your software requires an operation on behalf of one or your merchants, add a header with key PaySimple-Merchant-Id and the PaySimple Merchant Id of the merchant for the value.

Legacy Authorization

Api 4.0 now supports the authorization schemes for Api 5.0 and the old legacy HMAC authorization header is no longer recommended.