[News] Subscriptions API - SSL and OIDC migration

We have deprecated Subscriptions (Mutual SSL) 2.0.11.We are not going to release new functionality to those, who are using Mutual SSL. The features are available for those, who have integrated using OpenID Connect. Read more about OpenID Connect here.

Questions regarding migrating from SSL to OIDC  

You are going to integrate using a standard hybrid flow in OpenID Connect (OIDC)

  • What is the difference between SSL and OIDC?
    • Instead of providing a SSL certificate in all calls to the API, you will now provide an Access Token (obtained from the OpenID Connect process) in the header of your API request. The other parameters in the request will not change. 
    • You will need to change basepaths in the endpoint you request towards MobilePay APIs. 
    • You will not need to purchase, update or maintain any certificates for either Sandbox or Production environment at MobilePay. 
  • Do we need additional credentials?
    • Yes, credentials for OpenID will be delivered for the Sandbox. Similar set will be delivered for Production once testing in Sandbox is complete.
    • We recommend you to create a new app in the sandbox to have the OpenID separated from the current SSL solution. This will also create a new set of clientID and ClientSecret to be used for accessing the APIs
  • Is it possible to do integration while still running SSL?
    • Yes, we recommend you to create a new app in the sandbox to have the OpenID separated from the current SSL solution. This will also create a new set of clientID and ClientSecret to be used for accessing the APIs.
    • Subscribe to Subscriptions and the associated User Simulation API.
    • If you are uncertain on the expiry date of your current SSL certificates please inquire this data at developer@mobilepay.dk
  •  What steps do we need to do in this migration:
    • Log on to the Sandbox Developer Portal and create a new app (and note down new set of credentials for the API)
    • Receive credentials for OpenID Connect in a zip file from Developer Support
    • Read the documentation for OpenID.
    • Implement and test the OpenID process.
    • Once the OpenID process ok, you should call the new API, which contains difference endpoints than the API for the SSL solution.

 

Support

Please contact us at developer@mobilepay.dk if you have any questions or concerns.

 

Common Questions

  • Where do I find Subscriptions FAQ?
  • What if I am still running SSL and not OpenID Connect?
  • Where can I find a list of the upcoming features?
  • Where can I send a feature request?
    • Subscriptions is constantly being improved. If you want something not listed already, ping us on developer@mobilepay.dk and we will get back to you
  • How can a new employee subscribe to these newsletter?
  • What is the deadline?
    • The deadline of migrating to OpenID Connect is 1-1-2020
  • What is the technical reason for deprecation? 
    • The technical reason for deprecation the SSL is because OpenID Connect supports our increasing focus on ensuring high security.  We have deprecated the Subscriptions SSL solution. We will retire it, when all merchants have migrated to OpenID Connect. We are not going to release new functionality to those, who are using Mutual SSL. Please contact us at developer@mobilepay.dk if you have any questions or concerns.