The Integration settings in Subotiz provide system-generated credentials and configurable URLs required for secure integrations and payment-related workflows. This section explains the purpose of each credential and URL, their role in transaction handling, and best practices for managing access securely.
Credentials Overview
Developer credentials are automatically generated when an account is created and cannot be edited. These credentials are used exclusively for backend authentication, API request signing, and system-level authorization.
- Merchant ID: A unique identifier for the merchant account, used across billing, subscriptions, and integration workflows.
- Access No.: An identifier used together with the Access secret key to authenticate API requests.
- Access secret key: A confidential credential used to sign and authorize secure API requests.
These credentials are required for server-to-server integrations and should never be exposed on the frontend.
URLs Overview
In addition to credentials, merchants can configure redirect URLs to control customer navigation during payment flows. These settings apply only to Payment Link scenarios. For API-based checkout sessions, any URLs passed in the API request will take precedence.
- Return URL (optional): The page customers are redirected to after a successful payment. If left blank, customers will remain on Subotiz’s default payment result page.
- Cancel URL (optional): The page customers are redirected to if they cancel the payment during checkout. If left blank, customers will remain on Subotiz’s default cancellation page.
These URLs are used for customer redirection only and do not affect payment confirmation or transaction processing.
Security and Access Control
To protect sensitive data and maintain platform security:
- Restrict access to the Developer section using role-based permissions.
- Share credentials and URLs only with authorized technical personnel.
- Store sensitive credentials securely and avoid saving them in documents, spreadsheets, or chat tools.
Viewing Integration Settings in the Admin
View integration settings: Go to Developer > Integration settings in the Subotiz admin. This page displays system-generated credentials and configurable redirect URLs used to authenticate Subotiz accounts and support payment and API integration workflows.
The Integration settings combine system-generated credentials with configurable redirect URLs to support secure integrations. Credentials form the foundation of API authentication and authorization, while redirect URLs manage customer navigation during payment flows. Proper configuration and access control help ensure stable, secure, and well-governed transaction workflows.