Authentication#
How to authenticate requests to the Nuvion unified payment API.Overview#
All API requests must be authenticated using your Client ID as a Bearer token in the Authorization header.Getting Your Credentials#
Contact Nuvion support to receive:Client ID (starts with clnt_)
Merchant ID (starts with merch_)
RSA Public Key (for encrypting payment data)
Authentication Method#
Bearer Token Authentication#
Include your Client ID in the Authorization header:Complete Example#
Example Implementations#
Node.js (Axios)#
Python (Requests)#
PHP (cURL)#
Security Best Practices#
✅ DO#
Store credentials in environment variables
Use HTTPS for all requests
Keep your Client ID secure (treat like a password)
Rotate credentials periodically
Use different credentials for sandbox vs production
❌ DON'T#
Hardcode credentials in source code
Commit credentials to version control
Share credentials in public forums
Use production credentials in development
Log full authorization headers
Environment Variables#
Store your credentials securely:Error Responses#
Invalid Client ID#
{
"status": "error",
"message": "Client ID not found",
"code": "AUTHERR"
}
401 Unauthorized{
"status": "error",
"message": "Authorization header required",
"code": "NOAUTHERR"
}
401 Unauthorized{
"status": "error",
"message": "Invalid authorization token format",
"code": "INVLDAUTHTOKEN"
}
401 UnauthorizedTesting Your Authentication#
Test your credentials with a simple request:If authentication succeeds, you'll get a proper error about the payment data (not an auth error).Support#
If you're having authentication issues:1.
Verify your Client ID is correct
2.
Check that you're using the correct environment (sandbox vs production)
3.
Ensure the Authorization header format is correct
Modified at 2025-11-10 16:34:10
