Quick Start Guide

Authentication (Temporary Passwords) 2018-01-15T18:05:31+00:00

Authentication (Temporary Password)

There will be some instances where you want to generate a temporary password for use with an API call.  For example if you are sending a customer a link to a HPP you do not want your API credentials being stored as part of the link in their inbox. To avoid this use the authentication API call to generate a temporary password.

Temporary passwords are good for 10 min form the time of generation. We recommend that you generate these passwords at the time they are needed. For example you do not want to generate a hosted payment page link with a temporary password and send to someone via email since it is very likely they will click the link after the password has expired. Instead we recommend that you send them a link to your site. When the link is clicked the password is generated and the user is then automatically redirected to the hosted payment page.

Building Your Authentication Request

Parameter Description Values Example Value
API Operation
requestType Specifies the type of operation to be performed. In this example we are focusing on sale transaction operations. Values authentication
https://sandbox-secure.ziftpay.com/gates/xurl?requestType=authentication&userName=api-user-1234&password=mypass1234
Authentication
username Username for your API user account. NOTE: This is not the same as your merchant portal account. String api-user-1234
password Password for your API user account. String mypass1234
https://sandbox-secure.ziftpay.com/gates/xurl?requestType=authentication&userName=api-user-1234&password=mypass1234
Merchant Context

Authentication Response

The temporary password listed in the below response can now be substituted for your real password in subsequent API request.

responseType=authentication
temporaryPassword=fcc07433-29b4-48b6-bd78-52c95b39640c
passwordExpirationDate=20160908T154316
responseMessage=Approved
responseCode=A01