Authentication and Security

TX API uses HTTP Basic Authentication by default as a main authentication method for incoming requests. This method uses the standard Authorization parameter in the message header for storing credentials. Other authentication methods may be supported in the upcoming versions of TX API. It is also strongly recommended to use additional authentication methods available in the API Gateway being used.

Encryption

For security reasons, Basic Authentication should be used together with the other additional security mechanisms such as HTTPS/TLS. A secure HTTPS connection can be configured and used with TX API if required. For details on how to configure a secure connection for RTP interfaces, refer to the TranzAxis documentation.

Masking

All sensitive data, such as PAN, CVV/CVC, etc., is masked both in the response body and in logs/traces unless otherwise required by the specific operations. The respective masking parameters are configured directly in TranzAxis.