Minimizes the exposure of sensitive card details and increases the security of your customer's card details.
Authentication Header
Authorization: {your_credentials}
Replace {your_credentials}
with your base64-encoded Basic Auth username and password given to you by your Implementation Manager.
You must use the Authorization
header for any request you send to our Token API, unless you are using client certificate authenticating with SSL/TLS.
Accept & Content-Type Headers
Accept: application/vnd.worldpay.tokens-v3.hal+json
Content-Type: application/vnd.worldpay.tokens-v3.hal+json
We use the Accept header to identify which version of our API you are using. You must use the Accept header for any request you send to our Account APIs.
We require the Content-Type header if the request you're sending includes a request body, and if the HTTP method is a POST or a PUT.
DNS Whitelisting
Whitelist the following URLs:
https://try.access.worldpay.com/
https://access.worldpay.com/
Please ensure you use DNS whitelisting, not explicit IP whitelisting. When you make a request within Access Worldpay, you should always cache the response returned.