This section explains how merchants prepare for the credential exchange with Midtrans.
Midtrans will provide the following during the credential exchange process:
- ClientID
- ClientSecret
- PartnerID
- ChannelID
The Partner must provide the following:
- PublicKey (must be in PKCS8 format and PEM encoded)
Generate Public and Private Key
Access keys can be generated from the Settings > Access Keys page, within the Payment BI SNAP section.
Always generate the key pair in the Sandbox environment first, before generating it in Production. Otherwise, the supported scopes will be empty. If you mistakenly generated the key pair in the Production environment, contact Midtrans Support for further assistance.
Generating Public and Private Key
Generate the Private Key first using the first command (line 2), then generate the Public Key using the second command (line 3).
# Generate a private/public key pair in PKCS8 format, PEM encoded (RSA key size: minimum 2048 bits)
openssl genpkey -algorithm rsa -out private-key.pem -outform PEM -pkeyopt rsa_keygen_bits:2048
openssl rsa -in private-key.pem -outform PEM -pubout -out public-key.pem
# Alternatively, if the partner system can only consume a PKCS1 private key, the partner can convert the public key from PKCS1 to PKCS8
openssl rsa -RSAPublicKey_in -in publicKeyPKCS1.pem -pubout -out publicKeyPKCS8.pem
Registering the Public Key
Below is an example of what a correct Public Key looks like. Once generated, copy the entire file, from the header through the footer, and paste it into Dashboard > Settings > Access Keys > Payment BI SNAP, then click the Start generate credential button. After pasting, click Register.
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomV+Vm1xlRXanmh108Kusls7SSKec0oCejtc9QG
Obpd4RnQ+7gihm2k6etnSNP7b+XrpY+fBkiQNaBInii9M10kW9Bhf/M9GH/edL3IqnzDNSi7tcoQgnO7h8x
mzLNWHTjtR6bkrsdBS5dry6htotaF5KXomuoYgztCdGDOa0W20aeLzYSXIoW7s/Ay5yIXt0xaXTll3/bmez
leguFPnwQZq5EqZFWlUZvutDi+f2l9rTRY0Fb64y+VAf+mnIbEovGqsPEeF/p97YWxcY7CWm8NsT0lwBVOt
kmEl967Brz5yvEObF5bJgVodi6mNVsN1ki0MCitIhYO8shcE7eUilQIDAQAB
-----END PUBLIC KEY-----
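A pre-upload check for the key file, as an added example (not Midtrans code): it confirms that the PEM label is `PUBLIC KEY` (the X.509 SubjectPublicKeyInfo encoding that `openssl rsa -pubout` writes, which this page calls PKCS8) rather than the PKCS1 label `RSA PUBLIC KEY`, that the algorithm is RSA, and that the modulus meets the 2048-bit minimum. The function names are illustrative, and the input is the sample key shown above.

```python
# Added example; helper names are illustrative, not a Midtrans API.
import base64
import re

RSA_OID = bytes.fromhex("2a864886f70d010101")  # OID 1.2.840.113549.1.1.1, rsaEncryption
# The sample public key shown on this page.
SAMPLE_PEM = """-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomV+Vm1xlRXanmh108Kusls7SSKec0oCejtc9QG
Obpd4RnQ+7gihm2k6etnSNP7b+XrpY+fBkiQNaBInii9M10kW9Bhf/M9GH/edL3IqnzDNSi7tcoQgnO7h8x
mzLNWHTjtR6bkrsdBS5dry6htotaF5KXomuoYgztCdGDOa0W20aeLzYSXIoW7s/Ay5yIXt0xaXTll3/bmez
leguFPnwQZq5EqZFWlUZvutDi+f2l9rTRY0Fb64y+VAf+mnIbEovGqsPEeF/p97YWxcY7CWm8NsT0lwBVOt
kmEl967Brz5yvEObF5bJgVodi6mNVsN1ki0MCitIhYO8shcE7eUilQIDAQAB
-----END PUBLIC KEY-----"""


def read_tlv(buf, pos, want_tag):
    """Decode the DER element at pos, check its tag, return (value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if tag != want_tag:
        raise ValueError("unexpected DER tag 0x%02x, wanted 0x%02x" % (tag, want_tag))
    if length & 0x80:  # long form: low 7 bits count the length bytes that follow
        count = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + count], "big"), pos + count
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return buf[pos:pos + length], pos + length


def check_public_key(pem, min_bits=2048):
    """Return the RSA modulus size in bits; raise ValueError if the key is unacceptable."""
    match = re.search(r"-----BEGIN ([A-Z0-9 ]+)-----(.+?)-----END \1-----", pem, re.S)
    if not match or match.group(1) != "PUBLIC KEY":  # PKCS1 files say "RSA PUBLIC KEY"
        raise ValueError("expected a PEM block labelled 'PUBLIC KEY'")
    der = base64.b64decode("".join(match.group(2).split()), validate=True)
    try:
        spki, _ = read_tlv(der, 0, 0x30)            # SubjectPublicKeyInfo SEQUENCE
        algorithm, pos = read_tlv(spki, 0, 0x30)    # AlgorithmIdentifier SEQUENCE
        oid, _ = read_tlv(algorithm, 0, 0x06)       # algorithm OID
        bit_string, _ = read_tlv(spki, pos, 0x03)   # BIT STRING holding the key
        rsa_key, _ = read_tlv(bit_string, 1, 0x30)  # offset 1 skips the unused-bits byte
        modulus, _ = read_tlv(rsa_key, 0, 0x02)     # first INTEGER is the modulus n
    except IndexError:
        raise ValueError("malformed DER structure") from None
    if oid != RSA_OID:
        raise ValueError("key algorithm is not RSA")
    bits = int.from_bytes(modulus, "big").bit_length()
    if bits < min_bits:
        raise ValueError("RSA modulus is %d bits, minimum is %d" % (bits, min_bits))
    return bits
```

Call `check_public_key(open("public-key.pem").read())` before pasting the file into the Dashboard; a `ValueError` names the reason the key would not meet the stated format.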
Secured Exchange Method
In order to make sure the credentials are exchanged securely over public networks, the credentials must be encrypted during transit.
Zip encrypted
Midtrans will provide the credentials in a Password Protected Zip file. The Password Protected Zip File and Password to the Zip File will be sent to separate emails.
Merchant must provide the public key in a Password Protected Zip file. The Password Protected Zip File and Password to the Zip File must be sent to separate emails.