Skip to main content

Authentication & environments

Technical Author Note

This page should cover, once finalised:

  • Purpose: This is an onboarding page that helps developers understand how to get connected before moving into endpoint-level reference material. It answers: "How do I get connected to PAYSTRAX?"
  • Before you begin — Explain that, before making API requests, the developer needs access credentials and the right environment. List: API Secret Key, Integrator ID, Sandbox account, Production account.
  • Sandbox vs Production — Explain the purpose of each environment and when a developer should use each one. Cover: Sandbox, Production, How to request production access, Differences between environments, Test cards.
  • Obtaining credentials — Explain where developers get the values they need to authenticate and route requests correctly. Cover: API keys, Integrator ID, Merchant configuration IDs.
  • Authentication overview — Very high level orientation only. Give only enough detail for orientation, not the full technical contract. Show the header format (Bearer Token and Integrator ID). Point to the API Reference for full technical details.

Authentication

Every request must include both of these headers, plus Content-Type.

Required headers
Authorization: Bearer <your-jwt-token>
X-Integrator-ID: <your-integrator-id>
Content-Type: application/json
HeaderDescription
AuthorizationBearer <token> — a JWT issued for your integration. Test tokens are typically 60-day JWTs.
X-Integrator-IDYour PAYSTRAX integrator identifier.