Client API version 1.0



Our API uses a secure authentication mechanism, keeping the data of your customers safe and the interaction between you as the merchant and Worldline secure and reliable. This page describes the Server API authentication mechanism we use with our REST API.

To authenticate yourself on the Client API you will need to have created a session through the sessions API of the Server API. The created session will be valid for 2 hours and will have two identifiers that you will need in order to submit API calls towards the Client API:

  • sessionId
  • customerId

The sessionId is used as part of the HTTP Headers in the following way:

Authorization=GCS v1Client: sessionId

Resulting for example in the following HTTP Headers with 51d29012e6ce4b81afa6cc7551ef4e36 as the sessionId:

Content-Type=application/json Authorization=GCS v1Client:51d29012e6ce4b81afa6cc7551ef4e36

The customerId is used as part of the URI of each of the Client API calls, resulting in the following URI with 9991- 66bb4ae9335c4d11a350d39ddd9a3139 as the customerId: