Authentication credentials exposed to public - What to do : Peach Payments

Merchants send the authentication details below for each API call :

authentication.userId
authentication.password
authentication.entityId

These identify and authenticate the merchant on our systems and should not be shared publicly.

In the event that these credentials are accidentally exposed on a public forum or platform (eg. Github) -

Action to resolve : Reset the authentication.password

This will effectively refresh the authentication on our systems and ensure that the merchant's profile is not compromised or abused.

Password is reset via an API call from an administrator / operator.

Authentication credentials exposed to public - What to do Print