Learn how to manage your API keys.
Your account provides separate keys for testing and for running live transactions. You can use these keys when sending API requests in either test or live mode. Resources in one mode cannot change resources in another mode.
You can apply a different API version to each individual key, or you can update the version on all keys simultaneously in the current mode (test or production).
Digital River uses your account's API keys to authenticate your API requests. If you do not include your key when you send an API request or use an incorrect or outdated key, Digital River returns an error.
Use the Update version on all keys button on the Keys and versioning pane to select a version and update all keys to that version. You can select to update all API keys to the latest API version or a previous API version. When you update all keys, the API version column for standard keys and restricted keys displays the version you selected.
Digital River provides each account with four standard keys: a public and confidential (secret) pair for both test mode and live mode. You can use these keys to authenticate Digital River API requests. You cannot create, edit, or delete standard keys, but you can update or rotate them.
The public API keys identify your account with Digital River and allow you to create sources. You can use them with Drop-in payments and DigitalRiver.js.
The confidential (secret) API keys allow you to send an API request to Digital River without restriction. Keep these secret keys confidential and only store them on your servers.
Note: Limit access to your API keys and secrets to those who need them. Do not store them in a version control system.
Restrict API keys when you want to limit an application, batch job, or partner to a specific API version. You can also use it to allow your teams to choose when they want to upgrade their API version. You can create, edit, delete, and rotate restricted keys.