Authentication

All calls against Ecster's API need to be authenticated using custom HTTP headers.

  • x-api-key: JKN675aVeMR9Mleh786FGf2ff7T1okmH6 (example)
  • x-merchant-key: 10569832 (example)

An api key can be used for one or mulitple merchants.

  • Organisations having multiple point of sales, both ECOM and/or multiple POS
  • Parties acting on behalf of multiple merchants, e.g. back office services

API and merchant key administration

  • Merchants can generate and revoke API keys using Ecster Dashboard. To determine what an API key is allowed to do a permission based system is used. API key permissions are derived by the user creating the API key, i.e. the api key has the same permissions as the creating user
  • Merchants can view associated merchant keys using the Ecster Dashboard
  • Multiple keys with same profile can be created and be valid concurrently

Next step

Continue to read about how to update the payment link.

Go to the next step here

Request test account