Skip to main content

Authentication & API Keys

Q: How do I use my Revolv3 static token for API authentication?

Include your static token in the x-revolv3-token header on every request. Never expose this token in client-side code; store it securely on the server. Recommendation: Use environment variables and secrets management, and rotate keys periodically.

Q: Why am I seeing “Attempted to perform an unauthorized operation”?

This indicates an authentication or authorization issue. Common causes:
  • Missing or incorrect x-revolv3-token header
  • Using a token with insufficient permissions
  • Token from the wrong environment (sandbox vs production)
Recommendation: Verify the header, confirm token scope, and ensure you’re pointed at the correct API endpoint.

Q: Why am I getting a 401 Unauthorized error?

A 401 means authentication failed. Check for typos in the header, expired/revoked keys, and environment mismatches. Recommendation: Log request headers server-side and include networkTransactionId when escalating to support.

Environments

Q: How do I know if I’m using the correct API environment?

Use sandbox for development/testing and production for live processing:
  • Sandbox portal: portal-sandbox.revolv3.com
  • Production portal: portal.revolv3.com
  • Sandbox API: api-sandbox.revolv3.com
  • Production API: api.revolv3.com
Recommendation: Keep separate credentials per environment and never reuse sandbox static keys in production.

Network Transaction IDs & Subscriptions

Q: What is a network transaction ID and where can I find it?

networkTransactionId is a unique identifier returned in API responses for each processed payment. Use it for tracking, reconciliation, and support. Recommendation: Store networkTransactionId with your order and reconciliation records.

Q: If I change the payment method for a subscription, do I reuse the original networkTransactionId?

Short answer:
  • If the change is an edit to the same card (same PAN/token, e.g., expiry update) — you may continue using the same networkTransactionId for that subscription.
  • If it’s a different card (different PAN/token) — obtain the new networkTransactionId and use that for subsequent recurring payments.
Why: vaulted payment methods can be linked to multiple subscriptions; storing the networkTransactionId on the vaulted method alone does not guarantee per-subscription continuity. Recommendation: Maintain a subscription → networkTransactionId mapping in your system to ensure per-subscription continuity.

Tokenization & Vaulting

Q: What is the difference between a processor token, a network token, and a Revolv3 payment method ID?

  • Processor token: token issued by a specific processor.
  • Network token: token issued at the card-network/tokenization layer.
  • Revolv3 payment method ID: Revolv3’s internal canonical ID that maps processor/network tokens to a single vaulted reference.
Recommendation: Keep a mapping table (processor token → Revolv3 ID) and prefer Revolv3 IDs in integration flows.

Q: Will we receive the same token back or a new one? How should we map tokens?

Revolv3 returns an internal payment method ID. Processor tokens may be preserved or normalized depending on the source. Implement a token-mapping strategy and store both external and internal IDs as needed. Recommendation: Provide a token mapping export or API endpoint for reconciliation.

Reporting & Reconciliation

Q: How do we reconcile transactions routed through different processors?

Match networkTransactionId, merchant order IDs, and processor response fields across exports. Use exportable reports and standardized templates for reconciliation. Recommendation: Automate reconciliation with scripts that join exports on networkTransactionId and order IDs.

Q: Can we see which processor handled each transaction?

Yes — API responses and transaction records include a processor identifier field for filtering and reporting. Recommendation: Include processor ID in reporting dashboards for faster root-cause analysis.

Support & Troubleshooting

Q: Who do I contact for technical support?

For technical issues, log into the Revolv3 portal and use the help icon to submit a support ticket (or use the support channels provided during onboarding). Include networkTransactionId, request timestamps, and sample payloads when filing tickets. Recommendation: Capture and attach request/response logs (server-side) when escalating to support.

Q: How do I rotate or reset my API key?

Rotate keys from the developer portal under Merchant Settings → Integration Profile. After rotation, update server-side secrets and deploy safely. Recommendation: Use a staged key rotation process and test in sandbox before switching production keys.