API Keys
API keys are used to authenticate with the PublicSquare API. Every API key contains one or more permissions, which determine its ability to manage your account, collect payment methods, and process payments.
Key Types
There are three API key types, which enable different levels of access to the PublicSquare API.
Type | Description |
---|---|
publishable | A publishable key is an auto-generated, non-sensitive API key which can be used in your mobile or web application to collect payment methods. Publishable keys only contain the payment-method:capture permission. A single publishable key is generated when your account is created; it cannot be edited or removed, but it can be regenerated. |
secret | A secret key is an auto-generated, sensitive API key type which contains all permissions to fully manage your account, collect payment methods, and process transactions. Secret keys are the most permissive API key type in an account. A single publishable key is generated when your account is created; it cannot be edited or removed, but it can be regenerated. |
restricted | A restricted key grants granular access to your account. When a restricted key is created, it contains one or more permissions which define which endpoints can be accessed. You can create one or more restricted keys per account for various business uses. |
Permissions
Permissions enable granular access to PublicSquare API endpoints. A publishable API key only has the payment-method:capture permission, whereas a secret API key has access to all permissions. Restricted API keys can be created to provide limited access to the API for specific use cases.
Permission | Description |
---|---|
account:read | Allows reading account details and settings. |
account:write | Allows updating account details and settings. |
account:delete | Allows deleting your account. This is a permanent action. |
account-member:read | Allows reading a list of all account members. |
account-member:write | Allows updating the role for an existing account member. |
account-member:delete | Allows removing a member from the account. |
account-invitation:read | Allows reading a list of account member invitations. |
account-invitation:write | Allows inviting new members to the account or resending the invitation. |
account-invitation:delete | Allows deleting member invitations from the account. |
api-key:read | Allows reading API keys and revealing the key used for authentication. |
api-key:write | Allows creating new API keys, updating permissions for existing API keys, and regenerating the API key. |
api-key:delete | Allows deleting API keys. |
business:read | Allows reading business details used for account onboarding and underwriting. |
business:write | Allows saving business details used for account onboarding and underwriting. |
connection:read | Allows reading a list of merchant and seller connections used for payment transfers. |
connection:write | Allows creating new seller connection invitations. |
connection:delete | Allows removing merchant and seller connections. When removed, payment transfers will no longer be permitted between the accounts. |
customer:read | Allows reading customer information. |
customer:write | Allows creating and updating customer information. |
customer:delete | Allows deleting customers in the account. |
event:read | Allows reading all generated events for the account such as transaction, connection, and onboarding events. |
payment-method:capture | Allows capturing payment methods with a publishable API key. |
payment-method:read | Allows reading payment method details. |
payment-method:write | Allows creating payment methods with a secret or restricted API key. |
payment-method:delete | Allows removing a payment method. This will not remove any payment method details used for payments, payouts, and refunds. |
payment:read | Allows reading payments. |
payment:write | Allows creating and updating payments. |
payout:read | Allows reading payouts. |
payout:write | Allows creating and updating payouts. |
refund:read | Allows reading refunds. |
refund:write | Allows creating and updating refunds. |
settlement:read | Allows reading settlements and associated transactions. |
transaction:read | Allows reading transactions such as payments, refunds, payouts and settlements. |
transfer:read | Allows reading payment transfers. |
transfer:write | Allows creating payment transfers. |
webhook:read | Allows reading webhook details and events sent to the registered webhook URL. |
webhook:write | Allows creating or updating webhooks. |
webhook:delete | Allows removing webhooks. |
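The following is an added example, not part of the PublicSquare documentation or SDK: a least-privilege check for a proposed restricted key, using the permission names from the table above. The `ESCALATION` set, the function name, and the refund-support scenario are assumptions made for illustration.

```python
# Permission catalogue copied from the table on this page: resource -> actions.
CATALOGUE = {
    "account": {"read", "write", "delete"},
    "account-member": {"read", "write", "delete"},
    "account-invitation": {"read", "write", "delete"},
    "api-key": {"read", "write", "delete"},
    "business": {"read", "write"},
    "connection": {"read", "write", "delete"},
    "customer": {"read", "write", "delete"},
    "event": {"read"},
    "payment-method": {"capture", "read", "write", "delete"},
    "payment": {"read", "write"},
    "payout": {"read", "write"},
    "refund": {"read", "write"},
    "settlement": {"read"},
    "transaction": {"read"},
    "transfer": {"read", "write"},
    "webhook": {"read", "write", "delete"},
}
# Assumption (reviewer judgment, not a PublicSquare classification): permissions
# that reveal or mint keys, change member roles, or invite members widen access.
ESCALATION = {"api-key:read", "api-key:write",
              "account-member:write", "account-invitation:write"}

def audit_restricted_key(granted, needed):
    """Compare the permissions on a restricted key with what its use case needs."""
    granted, needed = set(granted), set(needed)
    valid = {f"{res}:{act}" for res, acts in CATALOGUE.items() for act in acts}
    unknown = (granted | needed) - valid   # typos or permissions not in the table
    known = granted & valid
    return {
        "unknown": sorted(unknown),
        "excess": sorted(known - needed),             # granted but not required
        "missing": sorted((needed & valid) - known),  # required but not granted
        "escalation": sorted(known & ESCALATION),
        "destructive": sorted(p for p in known if p.endswith(":delete")),
        "least_privilege": not unknown and granted == needed,
    }

if __name__ == "__main__":
    # Constructed sample: a hypothetical refund-support service and an over-broad key.
    needed = ["payment:read", "refund:read", "refund:write"]
    granted = needed + ["api-key:write", "customer:delete", "refunds:read"]
    for field, value in audit_restricted_key(granted, needed).items():
        print(f"{field}: {value}")
```
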