Getting Started

The following is an overview for creating and setting up an Aurora account integration. After these steps are completed and confirmed, the account may be used and development started.

Get started with the following steps:

• Creating an Aurora Payments Account
• Creating an API Key
• Generating an API Token
• Developing in the Sandbox Environment
• Going Live

Creating an Aurora Payments Account

Before using the Aurora API suite, you must have an account created for you. If you are new to Aurora or are interested in using the Aurora Payments API suite, contact the appropriate team below:

• For ISVs (Independent Software Vendors): isvsales@risewithaurora.com
• For Individual Merchant Integrators: insidedevsales@risewithaurora.com

The appropriate sales team will create your user account and help customize access based on your integration requirements. You will be assigned an account name. This will be a registered account on the Aurora Merchant Portal. Upon first login, you will create your account password.

If you are already a registered merchant and have technical or operational questions, contact the Aurora Integrations Support Team: isvsupport@risewithaurora.com

Creating an API Key

After registering an Aurora account, an API Key is required to start using the API.

An API Key is a pair of credentials, the Client Id and the Client Secret, that together uniquely identifies and authenticates a specific account. The API Key is used to generate API Tokens, which are then used to authenticate API requests.

To call payment-related API endpoints, you will need an API Key set for the merchant account.

To Create an API Key

To create the API Key as a Partner account:

Partner accounts can create API Keys for their associated merchant accounts.

If you have a Partner account, you can have more information about how to manage the API Keys for the merchant accounts in the Partner API Integration article .

To create the API Key as a Merchant account:

1. Log in to the Aurora Portal (Sandbox). This is the account that was set up for you earlier.
2. Click on your user name in the bottom-left corner.
3. Select Settings.
4. In the navigation menu on the right, select API Keys. This activates the New API Key button.
5. Select New API Key. The New API Key dialog displays.
6. Enter an API Key name. This is a friendly, free-formed name. Use a meaningful name that easily identifies the API Key.
7. Select Generate Key. The Client ID and Client Secret values display. Those are the two OAuth 2.0 client credential components and will be used to generate API Tokens.

The Client ID is part of the API Key that is safe to expose in frontend code. It only identifies the account. It does not grant privileged or authentication access to the account. The Client ID will be visible in your API Keys list of your Merchant dashboard. It will also be associated with a friendly name to make it easier to identify.

The Client Secret is part of the API Key that is secret. It must be protected in the same way as a password.

warning

The Client Secret will not be displayed again after it is created.

If the Client Secret is lost, forgotten, or compromised, a new API Key must be generated. Therefore, we recommend immediately saving and storing the Client Secret in a secure location. Consider using secure note applications, password managers, or encrypted storage option.

After saving the Client Secret in a secure location, close this dialog. The new API Key displays in the dashboard section.

Generating an API Token

An API Token is a short-lived token that is generated using the API Key credentials. It is used as an authorization credential to authenticate API requests to the Aurora API endpoints.

To create an API Token, in the API reference guide see Creating an API Token

Development process

Developing in the Sandbox Environment

You will be working on a sandbox account for development and testing purposes. The sandbox account is a fully isolated account that mirrors production behavior. It does not process real transactions. It is used to validate your integration before going live.

Going Live

When your product is ready to be deployed live, the Aurora support team will work with you to ensure compliance. This compliance follows the production readiness checklist. It ensures the best and optimal developer, client, and customer experience.

For more information and details about the production readiness checklist, see Production Go-Live Guide.

Deleting an API Key

API Keys can be deleted. This deletion may be part of a periodic key rotation depending on your security procedure requirements. We strongly recommend deleting an API Key if you suspect that the client secret is compromised. In either case, a new API Key can be created.

Any applications or systems relying on the deleted API Key will no longer be able to authenticate or access the API resources. API Tokens that are created from the deleted API Key will immediately become invalid, and, so, will have endpoint calls fail. If a new API Key has been created, it must be re-entered into those applications or systems for them to run again properly. API Tokens must use the new API Key, too.

To Delete an API Key

To delete an API Key:

1. Log in to the Aurora Merchant Portal (Sandbox). This is the account that was set up for you earlier.
2. Select the merchant name in the bottom left corner.
3. Select Settings.
4. In the User menu on the right, select API Keys. This displays a list of active API Keys.
5. For the API Key to delete, click on the delete button (trashcan icon). The Remove API Key dialog displays.
6. Select Remove.

A new API Key can be created to replace the deleted one.