Authentication

API credentials

To authenticate with Klarna, use your API credentials and HTTP basic auth.

The credentials consist of a username and a password:

  • The username consists of your Merchant ID (MID), a unique number that identifies your e-store, combined with a random string.
  • The password is a string associated with your MID and is used to authorize use of Klarna APIs.

Note: The API credentials are separate from your MID. It's possible to have several API credentials associated with the same MID.

The credentials should be sent as in the Authorization header for every request with the username and the password.

You receive both your live (production) and test (playground) credentials by contacting your regional Klarna merchant support team.

If the credentials are missing or wrong, Klarna responds with 401 Unauthorized. You can read more about HTTP Basic auth in the Wikipedia article.

Security

TLS

TLS (Transport Layer Security) is a protocol that secures data sent over the internet. To ensure your connection is secure, we recommend using TLS 1.2 when connecting to Klarna APIs.

TLS 1.0 and 1.1 decommissioning schedule

We take the security and integrity of our customers seriously. Therefore, we’re starting to decommission old versions of TLS on the following API URLs:

  • api.klarna.com
  • api-na.klarna.com
  • api-oc.klarna.com

We’ll start enforcing TLS 1.2 in our environments according to the following schedule:

  • January 30, 2024 in the playground environment
  • March 29, 2024 in the production environment

To prepare for this change, make sure that you’re using TLS 1.2 when communicating with Klarna.