#Login ZOLOZ SaaS Portal
Navigate to ZOLOZ SaaS portal with your browser, and login with your username and password.
If it is the first time you login the portal, you will be asked to reset your password. The username and the initial password should have been sent to your mailbox, please check the mail sent by firstname.lastname@example.org; if no mail is received, please contact email@example.com.
#Configure API Authentication
Go through following steps to complete the configuration for API authentication:
- Navigate to API key configuration page;
- Copy the "Client ID" string to local;
- Copy the "ZOLOZ transaction public key" string to local;
- Click the "Auto-generate" button, then an RSA key pair will be generated and:
- The content of the public key will be automatically filled into "Client transaction public key" field, don't modify it manually;
- The private key will be automatically downloaded to your local machine (and ZOLOZ won't save it), the filename is "merchant_private_key.pem", please keep it safe and don't share with anyone else, not even with someone from ZOLOZ;
- Click the "Submit" button to save the "Client transaction public key" to ZOLOZ's system.
#Manually Generate RSA Key Pair
For test, the "auto-generate" function is a handy tool for you to quickly setup the authentication configuration. However, the customer might still concern about the security since the private key is generated on ZOLOZ's server. As an alternative, the customer could create the RSA key pair by themself, and this way is recommended for production.
# you should use priv_key.pem to sign your request openssl genrsa -out priv_key_tmp.pem openssl pkcs8 -topk8 -inform PEM -in priv_key_tmp.pem -outform PEM -nocrypt -out priv_key.pem # you should paste the content of pub_key.base64 to zoloz portal openssl rsa -in priv_key_tmp.pem -pubout -out pub_key.pem cat pub_key.pem | grep -v "^\-" | tr -d "\n" | sed 's/%$//' > pub_key.base64
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); SecureRandom secureRandom = new SecureRandom(); keyPairGenerator.initialize(2048, secureRandom); KeyPair keyPair = keyPairGenerator.generateKeyPair(); Key publicKey = keyPair.getPublic(); Key privateKey = keyPair.getPrivate(); String publicKeyBase64 = Base64.getEncoder().encodeToString(publicKey.getEncoded()); String privateKeyBase64 = Base64.getEncoder().encodeToString(privateKey.getEncoded());