Get your API Keys
Overview
Get your API Keys to gain access to Verifone’s APIs and integrate with our services to create and manipulate transactions.
API keys are always linked to a user, so the API key inherits the permissions linked to the user and the assigned user roles.
Limitations
- You can only copy an API key once. Store the API Key in a safe place.
- If you lose an API key, delete it and create a new one.
- API keys expire after 1 year.
- A user can create up to 5 API keys.
Use cases
You can use the API Keys to:
- Authenticate your applications against Verifone APIs
- Integrate with our checkout service
- Integrate with our eCommerce service (Verifone-hosted plugins, such as Shopify or WooCommerce)
How to get your API keys
To obtain the keys, watch this short guided video tutorial or follow the steps below:
1. Log in to your Verifone Central account.
2. Navigate to the user settings in the top-right corner and select the API Keys option from the dropdown menu.
3. On the API Keys page, click the Create API Key button.
4. To copy the key, click the Copy public key button and paste it to a safe location. Once the key has been copied, the success message will appear in the bottom-right corner of your screen.
API Keys Expiry
The expiration date of API Keys is one year from the date of activation. The system automatically sends email notifications every week during the last three months and every day during the last week before the expiration date.
The system will continue to notify you of expiring API key(s) until you revoke/delete them.
Updating an expiring API Key in your Integration
Updating your expired API Key is required once a year. You may have received an email from Verifone indicating that the expiry date is approaching.
Updating an expiring API key applies to the following integrations:
-
Plugins
-
Any API Integration
-
Integrations managed by a third party (which, in turn, use the Verifone APIs)
To replace an expiring API key:
- Follow the steps to create a new API key.
- Replace the expiring API key in your integration with the newly created key.
- Follow the steps below to delete/revoke the expiring API key.
For Plugin Integrations
Follow the Manual Setup page for your plugin to see where the API key can be changed.
The Manual Setup page can be found under each plugin’s documentation - Plugins | Online payments | Verifone Developer Portal
For API Integrations
The API key must be replaced in your API requests. More specifically, the second portion of your Basic Auth header “user-uuid:api key” string, before it is encoded to base64.
See this section for more details: BasicAuth | Online payments | Verifone Developer Portal
For integrations managed by a third party
The API key must be updated according to the instructions provided by the third party. This is typically presented in a settings/configuration menu relating to your setup with Verifone and your other payment settings. Contact your provider for more information.
How to revoke access/delete the API keys
- Log in to your Verifone Central account.
- Navigate to the user settings in the top-right corner and select the API Keys option from the dropdown menu.
- When prompted with the list of valid API keys, select the one for which you want to revoke access by clicking the arrow.
4. Click on Revoke access to delete the API key.
