Authentication
API credentials
To authenticate with Klarna, use your API credentials and HTTP basic auth.
The credentials consist of a username and a password:
- The username consists of your Merchant ID (MID), a unique number that identifies your e-store, combined with a random string.
- The password is a string associated with your MID and is used to authorize use of Klarna APIs.
Note: The API credentials are separate from your MID. It's possible to have several API credentials associated with the same MID.
The credentials should be sent as in the Authorization header for every request with the username and the password.
You receive both your live (production) and test (playground) credentials by contacting your regional Klarna merchant support team.
If the credentials are missing or wrong, Klarna responds with 401 Unauthorized. You can read more about HTTP Basic auth in the Wikipedia article.
Security
TLS
TLS (Transport Layer Security) is a protocol that secures data sent over the internet. To ensure your connection is secure, we recommend using TLS 1.2 when connecting to Klarna APIs.
TLS 1.0 and 1.1 decommissioning schedule
We take the security and integrity of our customers seriously. Therefore, we’re starting to decommission old versions of TLS on the following API URLs:
- api.klarna.com
- api-na.klarna.com
- api-oc.klarna.com
We’ll start enforcing TLS 1.2 in our environments according to the following schedule:
- January 30, 2024 in the playground environment
- March 29, 2024 in the production environment
To prepare for this change, make sure that you’re using TLS 1.2 when communicating with Klarna.