Before you begin

Learn about the keys and tokens needed for different Ecommerce integrations and functions:

Merchant-level Ecommerce API tokens OAuth tokens to build apps

Merchant-level Ecommerce API tokens	OAuth tokens to build apps
Merchant-level tokens are specific to a single merchant and are used to authenticate and authorize API requests for that particular merchant. They include: Public key—Used as the Ecommerce API key or `apiAccessKey` for tokenizing cards, gift cards, or ACH transactions. Private key—Used as the Bearer token in the Authorization header for making secure Ecommerce API requests.	OAuth tokens authenticate users and maintain sessions securely. These tokens are used when building apps for merchants with multiple businesses. Clover OAuth expiring tokens include an `access_token` and `refresh_token` pair: Access token—Used to authenticate Ecommerce API requests. It has a limited lifespan and needs to be refreshed periodically. Refresh token—Used to generate a new access token without requiring the user to re-authenticate. This helps maintain continuous access without interruptions.

Merchant-level tokens are specific to a single merchant and are used to authenticate and authorize API requests for that particular merchant. They include:

Public key—Used as the Ecommerce API key or apiAccessKey for tokenizing cards, gift cards, or ACH transactions.
Private key—Used as the Bearer token in the Authorization header for making secure Ecommerce API requests.

OAuth tokens authenticate users and maintain sessions securely. These tokens are used when building apps for merchants with multiple businesses. Clover OAuth expiring tokens include an access_token and refresh_token pair:

Access token—Used to authenticate Ecommerce API requests. It has a limited lifespan and needs to be refreshed periodically.
Refresh token—Used to generate a new access token without requiring the user to re-authenticate. This helps maintain continuous access without interruptions.

Get started

Generate Ecommerce API public and private tokens

Use to authenticate API requests for a single merchant solution and for test scenarios. These keys are also used to integrate online payments with your ecommerce website.

Generate an OAuth expiring `access_token`

Use this token to build an ecommerce app for multiple businesses that need to authenticate users and maintain sessions securely.

Generate a public API access key or PAKMS key

Use the PAKMS key to identify the merchant who is using the ecommerce tokenization service.