# 1. Generate Merchant Keys API Endpoints {% tabs %} {% tab title="Production Endpoint" %} ``` Production Base URL /api/GenToken/GenerateMerchantKey ``` {% endtab %} {% tab title="Sandbox Endpoint" %} ``` SandboxBase URL /api/GenToken/GenrateMerchentKey ``` {% endtab %} {% endtabs %} #### **Sample Request & Response** Use the below parameters to get merchant keys. {% tabs %} {% tab title="Sample Request" %} ``` { "merchantCode":"xxxxx", "authKey":"xxxxxxxxxx" } ``` {% endtab %} {% tab title="Sample Response" %} ```postman_json { "errorCode": 0, "errorMessgae": "string", "result": { "publicKey": "string" } } ``` {% endtab %} {% endtabs %} MerchantCode and Auth key will be provided by Og. #### Sample code to post data {% tabs %} {% tab title="C#" %} ``` public async Task> GenrateKeys(GenrateKeysRequest obj) { Output dto = new Output(); var url = {Provided End Point}; var client = new HttpClient(); client.BaseAddress = new Uri(url); try { var resultser = JsonConvert.SerializeObject(obj); client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json")); client.DefaultRequestHeaders.TryAddWithoutValidation("Content-Type", "application/json; charset=utf-8"); var response = client.PostAsJsonAsync(url, obj).Result; if (response.IsSuccessStatusCode) { var ss = response.Content.ReadAsStringAsync(); var result = JsonConvert.DeserializeObject>(ss.Result); dto = result; } else { var ss = response.Content.ReadAsStringAsync(); var resps = ss.Result.ToString(); } } catch (HttpRequestException ex) { } return dto; } ``` {% endtab %} {% tab title="VB.NET" %} ``` Class SurroundingClass Public Task As async Private Sub New(ByVal obj As ValidatePaymentRequest) Dim dto As Output = New Output() Dim url = {Provided End Point}; Dim client = New HttpClient() client.BaseAddress = New Uri(url) Try obj.hash = ComputeHash(obj) Dim resultser = JsonConvert.SerializeObject(obj) client.DefaultRequestHeaders.Accept.Add(New System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json")) client.DefaultRequestHeaders.TryAddWithoutValidation("Content-Type", "application/json; charset=utf-8") Dim response = client.PostAsJsonAsync(url, obj).Result If response.IsSuccessStatusCode Then Dim ss = response.Content.ReadAsStringAsync() Dim result = JsonConvert.DeserializeObject > (ss.Result) dto = result Else Dim ss = response.Content.ReadAsStringAsync() Dim resps = ss.Result Dim resultse = JsonConvert.SerializeObject(resps.ToString()) End If Catch ex As HttpRequestException End Try Return dto End Sub End Class ``` {% endtab %} {% tab title="PHP" %} ``` $merchantCode, 'authKey' => $authKey, ); $request = json_encode( $data, true ); if ( !$endpoint ) { $curl = curl_init( { Provided Url } ); } else { $curl = curl_init( $endpoint ); } curl_setopt( $curl, CURLOPT_POST, true ); curl_setopt( $curl, CURLOPT_POSTFIELDS, $request ); curl_setopt( $curl, CURLOPT_RETURNTRANSFER, true ); curl_setopt( $curl, CURLOPT_HTTPHEADER, array( 'Content-Type:application/json' ) ); $ch = curl_exec( $curl ); curl_close( $curl ); $response = json_decode( $ch, true ); ?> ``` {% endtab %} {% tab title="TypeScript" %} ``` pagecode:` public async Task> GenrateKeys(GenrateKeysRequest obj) { Output dto = new Output(); var url = {Provided End Point}; var client = new HttpClient(); client.BaseAddress = new Uri(url); try { var resultser = JsonConvert.SerializeObject(obj); client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json")); client.DefaultRequestHeaders.TryAddWithoutValidation("Content-Type", "application/json; charset=utf-8"); var response = client.PostAsJsonAsync(url, obj).Result; if (response.IsSuccessStatusCode) { var ss = response.Content.ReadAsStringAsync(); var result = JsonConvert.DeserializeObject>(ss.Result); dto = result; } else { var ss = response.Content.ReadAsStringAsync(); var resps = ss.Result; var resultse = JsonConvert.SerializeObject(resps.ToString()); } } catch (HttpRequestException ex) { } return dto; }`; ``` {% endtab %} {% endtabs %} **Note:** Merchant keys are valid for 24 hours. Users must regenerate a new merchant key every 24 hours. If the merchant uses an invalid RSA public key, subsequent calls will result in the following error. {"ErrorMessage":"Unable to decrypt card data "}