Authentication & environments
Technical Author Note
This page should cover, once finalised:
- Purpose: This is an onboarding page that helps developers understand how to get connected before moving into endpoint-level reference material. It answers: "How do I get connected to PAYSTRAX?"
- Before you begin — Explain that, before making API requests, the developer needs access credentials and the right environment. List: API Secret Key, Integrator ID, Sandbox account, Production account.
- Sandbox vs Production — Explain the purpose of each environment and when a developer should use each one. Cover: Sandbox, Production, How to request production access, Differences between environments, Test cards.
- Obtaining credentials — Explain where developers get the values they need to authenticate and route requests correctly. Cover: API keys, Integrator ID, Merchant configuration IDs.
- Authentication overview — Very high level orientation only. Give only enough detail for orientation, not the full technical contract. Show the header format (Bearer Token and Integrator ID). Point to the API Reference for full technical details.
Authentication
Every request must include both of these headers, plus Content-Type.
Required headers
Authorization: Bearer <your-jwt-token>
X-Integrator-ID: <your-integrator-id>
Content-Type: application/json
| Header | Description |
|---|---|
Authorization | Bearer <token> — a JWT issued for your integration. Test tokens are typically 60-day JWTs. |
X-Integrator-ID | Your PAYSTRAX integrator identifier. |