Merchant Authentication Service
Overview
The Merchant Authentication Service generates secure credentials for accessing payment processor APIs using the Java SDK. These short-lived tokens provide secure access without storing secrets client-side.
Business Use Cases:
- Frontend SDKs - Generate tokens for client-side payment flows
- Wallet payments - Initialize Apple Pay, Google Pay sessions
- Session management - Maintain secure state across payment operations
- Multi-party payments - Secure delegated access
Operations
| Operation | Description | Use When |
|---|---|---|
createAccessToken | Generate short-lived connector authentication token. Provides secure API access credentials. | Need temporary API access token |
createSessionToken | Create session token for payment processing. Maintains session state across operations. | Starting a multi-step payment flow |
createSdkSessionToken | Initialize wallet payment sessions. Sets up Apple Pay, Google Pay context. | Enabling wallet payments |
SDK Setup
import com.hyperswitch.prism.MerchantAuthenticationClient;
MerchantAuthenticationClient authClient = MerchantAuthenticationClient.builder()
.connector("stripe")
.apiKey("YOUR_API_KEY")
.environment("SANDBOX")
.build();
Security Best Practices
- Never store tokens long-term
- Use tokens immediately after creation
- Handle token expiration gracefully
- Use HTTPS for all token transmissions
Next Steps
- Payment Service - Use tokens for payment operations
- Payment Method Authentication Service - 3D Secure authentication