Payment authentication

Learn how to authenticate Payments v3 API calls.

There are two parts to authentication with the Payments API:

  • Request signing, a form of encryption where you upload a public key to Console and provide a private key in the body of each request you make.
    You include the private key in your requests as part of a header named Tl-signature.
  • An access_token that you generate and include as a bearer token with each request.
    Each payment requires its own access token.

Learn about request signing and how it works. TrueLayer's GitHub contains a variety of libraries you can use to simplify request signing.

After you've configured request signing, you can generate payment access tokens, which enables you to create payments with the Payments API v3.