Payments AI Integration: Account and API Key(s) Management Guide
Objective
The following guide is an introduction on how you and Payments AI admins create/manage accounts and API keys.
Account
In the first step when you are integrating with Payments AI admins will create an account for you and share with you the temporal API key.
- You are not able to use the Payments AI till you activate the account
- With the temporal API key you are not able to make payments, so your account is secure
After the account has been created you have 1 day to activate the account. To do so provide a secret to the account using the temporal API key.
- After the account has been activated your API key will be rotated
- With this new API key you will be able to use the Payments AI to the full extent
Our philosophy is that you can have one account secured by the secret and then you can create multiple API keys for different purposes if you wish.
Api Key
In our API we share with you endpoints thanks to which you could:
- Rotate your API key
- Revoke your API key
- Retrieve data when the API key has been rotated
All of these activities are paired with the secret and API key of the account.
Payments AI admins
We will monitor the activity related to each account.
- If the account is compromised you could ask us to deactivate the account
- We could also revoke and rotate your API keys if necessary
Secrets Policy
Secret need to have:
- at least 12 characters
- one upper letter
- at least one alphanumeric
Secret will need to be changed every 90 days. The new secret will need to be different from the last 4 ones