Create an Orbital Application

API access is managed through the Client Portal on a self-service basis. You can create and manage API Applications at any time, controlling permissions and webhook subscriptions for each application independently.


API Key Requirements

The Global Payments API uses asymmetric key authentication:

  1. You generate an RSA key pair (private and public key).
  2. You request the creation of an application and upload your public key via the Client Portal.
  3. The Client Portal will provide you with an API key linked to your public key.
  4. You authorise requests using your API key and sign them using your private key.
  5. Orbital verifies authorisation using your API key, and validates the signature using your public key.

Generate a Key Pair

To securely sign your requests, generate an RSA key pair using OpenSSL or another tool of your choice.

Requirements:

  • Key size: 2048 bits
  • Format: PEM format

Sample script to generate key pair:

openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048
openssl rsa -pubout -in private_key.pem -out public_key.pem

Important: Never share your private key. Sharing your private key renders the key pair invalid.
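
Before uploading, confirm that the file you are about to upload is the public half of the pair, is a 2048-bit PEM key, and matches the private key you will sign with. The shell functions below are an added example, not part of Orbital's documentation; the function names are hypothetical and the file names follow the sample script above.

```shell
# Added example (not from Orbital's docs). Function names are hypothetical;
# file names follow the sample script above.

# Create the pair; umask 077 keeps the private key readable by its owner only.
generate_keypair() (
  umask 077
  openssl genpkey -algorithm RSA -out "$1" -pkeyopt rsa_keygen_bits:2048 2>/dev/null || exit 1
  openssl rsa -pubout -in "$1" -out "$2" 2>/dev/null
)

# Print the RSA modulus of a key as hex. $1 = file, $2 = "pub" or "priv".
modulus_hex() (
  if [ "$2" = "pub" ]; then
    m=$(openssl rsa -pubin -in "$1" -noout -modulus 2>/dev/null) || exit 1
  else
    m=$(openssl rsa -in "$1" -noout -modulus 2>/dev/null) || exit 1
  fi
  printf '%s\n' "${m#Modulus=}"
)

# Print the key size in bits (4 bits per hex digit of the modulus).
key_bits() (
  m=$(modulus_hex "$1" pub) || exit 1
  echo $(( ${#m} * 4 ))
)

# Return 0 only if $1 is safe and correct to upload as the public key for $2.
check_upload_file() (
  pub="$1"; priv="$2"
  # A file carrying private key material must never leave your machine.
  if grep -q 'PRIVATE KEY' "$pub"; then
    echo "refusing: $pub contains private key material" >&2; exit 1
  fi
  grep -q '^-----BEGIN PUBLIC KEY-----' "$pub" \
    || { echo "$pub is not a PEM public key" >&2; exit 1; }
  [ "$(key_bits "$pub")" = "2048" ] \
    || { echo "$pub is not a 2048-bit key" >&2; exit 1; }
  # Matching moduli prove the public key was derived from this private key.
  [ "$(modulus_hex "$pub" pub)" = "$(modulus_hex "$priv" priv)" ] \
    || { echo "$pub does not belong to $priv" >&2; exit 1; }
)

# Usage: generate_keypair private_key.pem public_key.pem
#        check_upload_file public_key.pem private_key.pem && echo "OK to upload"
```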


Creating a New Application

  1. Log in to the Client Portal and navigate to Treasury Solutions → Orbital Applications.
  2. Click Create Application and provide a descriptive name.
  3. Select the permissions for this specific Orbital Application.
    • Read permissions: Grant read-only access to view transactions, accounts, beneficiaries, and payers.
    • Create permissions: Grant access to create payments, conversions, beneficiaries, and payers.

All applications require admin approval before they become active.

  4. To receive webhooks, input a webhook URL and select the events to subscribe to (see Webhooks).
  5. Upload your public key file (.pem or .txt).
  6. Your API key (and webhook client secret) will be displayed. Copy them and keep them secure, as they will not be displayed again.

Multiple applications are supported, each with their own key pair, permissions, and webhook configuration. Repeat this process for each application you require.


Managing Existing Applications

From Treasury Solutions → Orbital Applications in the Client Portal, you can manage your applications at any time:

Action | Description
--- | ---
Edit permissions | Update the access scopes for an application
Edit webhook subscriptions | Add or remove webhook triggers
View webhook history | Review previously delivered webhook events
Resend webhooks | Replay a webhook event to your endpoint
Delete application | Permanently remove an application and its credentials