Authentication

We suggest you read the overview first, then understand the role of the health-check directive and button. Only then proceed to the actual implementation details.

Overview

Before Katalys’s code and the integrator’s code can securely share messages, the following needs to happen:

  1. The integration (as part of the initial setup) has to store the credentials found in the Katalys platform:

    1. integration ID

    2. key ID

    3. shared secret

  2. The integration has to provide an endpoint (URL) that will receive messages coming from Katalys. The endpoint URL has to be stored in the Katalys platform → Settings → Apps & Integrations → Integration → Settings.

There are two places where authentication has to happen:

  1. When the Katalys platform sends directives to the integration. Katalys ⇢ Merchant

    1. The Katalys platform creates a token and sends a request with directives.

    2. The integration receives the request and verifies the token before processing the directives.

  2. When the integration sends API requests to Katalys. Katalys ⇠ Merchant

    1. The integration generates a token using the stored credentials and adds it to the request header before sending the request to the API.

    2. Katalys’s API verifies the token and processes the request.

Health-check directive

The health check is triggered from the Katalys platform’s UI. The platform sends a health-check directive payload with a token to the integration’s URL. The integration is expected to verify the token first, then generate a token of its own and make an authenticated request to Katalys’s API. If all of the above succeeds, the two systems can be considered connected.

Next steps

Katalys ⇠ Merchant
Katalys ⇢ Merchant
Example: generating a PASETO token
