Pre-Requisites
General:
Merchant Id - This is your identifier in the Juspay systems. This is used in all API Calls. It will be provided to you by the Juspay team
Client Id - This is used in all SDK calls as an identifier for client-side requests. It will be the same as your merchant ID.
Juspay Dashboard - Merchants are required to procure the Juspay merchant dashboard access by creating an account (Sandbox
/ Production) or from Juspay Business SPOC.Unified Juspay dashboard Guide
can be referred for the gateway setup, payment instruments enablement/disablements, Security key generation, Webhook URL Configuration, batch operations, traffic monitoring and analytics.
API Key - Juspay uses HTTP Basic Auth for authentication. API Key is used to authenticate the Server-to-Server API Calls.
API Key Generation on Juspay Dashboard
Detailed The API request expects a Basic Authorization header. The header value can be obtained by concatenating your API Key with a colon (:) and doing a base-64 encode on it
Sample Authorization Header:
API Key: 1cc33A5F5D6aa54AB20CF6FbbC8558
Encoding Format: 1cc33A5F5D6aa54AB20CF6FbbC8558:
Authorization Header / Base64encoded API Key:
Basic MWNjMzNBNUY1RDZhYTU0QUIyMENGNkZiYkM4NTU4Og==
During Onboarding, the production account provided is under restricted mode. In the restricted mode, number of transactions and the amount per transaction is configurable. We will remove the restricted mode once the integration is completed and you receive a QA signoff from Juspay
PIX via Open Finance:
Before you begin integrating the PIX via Open Finance flow, please review the following requirements. These requirements are in addition to those mentioned above. Completing these steps upfront will ensure a smooth and successful setup.
1. Account & Onboarding
Your Juspay account must be enabled for Open Finance ITP (Payment Initiation) flows.
Action: Contact your Juspay POC or support team to initiate the onboarding process. We will handle the necessary configurations to enable this flow for your merchant account.
2.Company Information & Certificate Setup
To enable Open Finance flows, we need a few mandatory details from your team. These details are used to generate the CN and transport certificates required by the banking partners.
Bank Account Information (for receiving payments)
Please share the following:
Account Number
Account Type
ISPB
Issuer
Account Holder Name
Tax ID / CNPJ
Passkey / FIDO Registration Details (Biometric Flow Only)
We also require the domain and app identifiers that will be registered with the banks.
Relying Party ID (your domain)
Android app’s
androidApkHashiOS app’s
bundleId
CN Certificate Validation Method
You can choose either of the following validation methods:
DNS validation:
You will add a TXT record to the domain. The CA validates this record and issues the certificate.
Webserver validation:
You will host a validation file shared by the CA at:https://<your-domain>/.well-known/pki-validation/<token>.txt
Merchant Branding
Merchant name (as shown to your users)
Merchant logo
Action: Share the above details with the Juspay team so we can generate and register your certificates with our bank partners.
3. App–Site Association (Biometric Flow Only)
For the Biometric flow to function securely, your application must be verified as the owner of your domain. This step is required for enabling FIDO/Passkey-based authentication.
For Android
Host the following file on your domain:/.well-known/assetlinks.json
The file must include your app’s androidApkHash.
For iOS
Host the following file on your domain:/.well-known/apple-app-site-association
The file must include your app’s bundleId.
Additionally, ensure your domain is added under Associated Domains in your iOS app configuration.
Action: Publish these files on your domain and confirm that they are publicly accessible.