Authentication

After you have registered with Barclays, you can create a key for generating a request.

The Barclays REST API uses public key cryptography to securely exchange information over the Internet. Before you can send requests for Barclays services using the REST API, you must create a security key for your merchant account on the Smartpay Fuse Portal.

The REST API supports two types of security key:

Shared secret key for using HTTP Signature authentication

P12 certificate for using JSON Web Token authentication

REST API keys expire after 3 years.

Security keys can be used to make any call, including payments. Treat your security keys as you would any secure password.

You must use separate keys for the test and production environments.