All requests made to OLS InComm Gateway's REST API must occur over HTTPS and must be authenticated

To authenticate, you must set up an API Key and set its permissions based on your application’s needs. The API Key is a generated, unique value that is defined for each gateway account [Note: A gateway account can have multiple API Keys]. See Setting Up an API Key.

The main, preferred, method for authentication is by including an api_key header in the request. For Transaction requests, you can (optionally) authenticate by adding an api_key element to the main request object.

Request Header primary method

GET /rest/v1/transactions HTTP 1.1 
Accept: application/xml 
api_key: fc594b6c6fd4493db932d7ae50f8c56e

Request Element alternative

Optionally, you can authenticate by including an api_key element inside the main object in the request body.


Note: this authentication method is only available for Transaction POST requests.

Failed Authentication Respose

HTTP/1.1 401 Unauthorized 
Content-Type: application/xml 

Setting Up an API Key

API Keys are located in the OLS InComm Gateway Merchant Console under Gateway Settings → API Keys :