Skip to main content
PSP credentials are your payment gateway account details (API keys, merchant IDs, terminal IDs, etc.) stored securely in PCI Booking. When you process payments through the Universal Payment Gateway, PCI Booking uses these stored credentials to authenticate with your PSP on your behalf. Storing credentials in PCI Booking means your systems never need to hold or transmit sensitive PSP authentication details.

What They Store

Each PSP requires different credential fields. A stored credential set includes:
  • PSP type. Which payment processor (Stripe, Adyen, Worldpay, etc.).
  • Account credentials. The PSP-specific authentication fields (API keys, merchant IDs, terminal IDs, passwords, etc.).
  • Credential ID. A unique reference you assign when storing (typically combining the PSP name and a customer or merchant identifier).

How to Use Stored Credentials

Setup workflow

  1. Retrieve the credential structure for your PSP. The API returns the exact fields required for that gateway, which you can use to build a collection form.
  2. Store your credentials by submitting the required fields with a unique credential ID.
  3. Reference the credential ID in your UPG requests using the credentialsId query parameter.

API operations

Stored credentials are encrypted at rest and never returned in full via the API. Only metadata (PSP name, credential ID) is returned when listing.

Inline vs Stored Credentials

You can provide PSP credentials in two ways when making a UPG request:
  • Stored (recommended). Pre-save credentials as described above and pass the credentialsId in your request. Keeps credentials out of your transaction code entirely.
  • Inline. Include the PSP name and credential key-value pairs directly in the request body. Useful for testing or one-off transactions.
See Universal Payment Gateway for details on both modes.

Benefits

  • Security. PSP credentials stored in PCI Booking’s secure environment, not in your systems.
  • PSP portability. Switch processors by creating new credentials and updating the ID in your requests. No code changes.
  • Multi-PSP support. Store credentials for multiple PSPs and select which to use per transaction.
  • Same token, any PSP. A single card token can be sent to any PSP by changing the credential ID.

Next Steps

Universal Payment Gateway

Process payments using stored credentials

Charge

Example requests with both inline and stored credentials

Gateway Guidance

PSP-specific parameter requirements

Credential Management API Reference

Full API documentation