Payment Optimization
...
Integration Guides
Tokenization API
9 min
overview the forter tokenization api provides a secure way to tokenize sensitive payment card information, ensuring pci compliance while enabling seamless transaction processing this guide covers authentication methods for api requests environment setup (sandbox and production) client side authentication for hosted fields sdk users authentication the forter tokenization api uses http basic authentication to verify merchant requests authentication credentials must be included in the authorization header using the basic auth format authorization basic to base64(site id\ site secret) replace site id and site secret with your actual credentials note that your tokenization api credentials differ from your core api sandbox environment what is sandbox? the sandbox environment is a free testing environment designed for integration and validation before transitioning to production no real transactions are processed, and pci information is not stored sandbox credentials & api endpoint base url https //pci tokenization sandbox checkouttools com/v1/ openapi schema is available here https //pci tokenization sandbox checkouttools com/documentation test card numbers since the sandbox cannot store pci sensitive data, only the following hardcoded test pans are accepted test card number card type (if applicable) 4111111111111111 visa 4444333322221111 visa 4646464646464644 visa 349531373081938 american express 5248480000201017 mastercard 5555444433331111 mastercard if you require a specific test card issued by a third party, please contact us production environment transitioning to production once you are ready to go live, you must request production credentials sandbox credentials do not work in production security requirements as an additional security measure, forter requires you to provide the ip addresses of the backend instances that will interact with the tokenization api production api endpoint base url https //pci checkouttools com/v1/ for full api documentation, please refer to the tokenization https //docs forter com/reference/create multi use token api reference page