Judopay Documentation

Permissions

To maximise your app’s security it is important to set permissions to allow your app to accept and process specific endpoints or payment types.

Each Token Set related to an app has its own unique permissions, it is advised to enable the absolute minimum permissions required for your mobile app.

For example, if you only perform transactions from your backend; in your backend app enable the Make Payments permission.

The following permissions are available:

  • List All Transactions

  • Make Payments

  • Refund Payments

  • Retrieve Web Payment

  • Create Web Payment

  • PreAuth Transactions

  • Register Card Transactions

Notice

For Mobile apps, it is recommended not to make a transaction from the app, as the Token and Secret could become compromised.

Create a Register Card app and enable the Register Card Transactions permission, and use the server to make the transaction.

Edit App Permissions

To edit an app’s permissions:

edit app permissions

Step

Description

One.png

From the side menu, select Your apps

Select the app you wish to edit.

For the purpose of this exercise, Document Testing App is selected.

Two.png

Select the environment to set permissions:

  • Sandbox tokens

  • Live tokens

For the purpose of this exercise, Sandbox tokens is selected

Three.png

The token information is displayed.

Native apps have the following default permissions:

  • Make Payments

  • PreAuth Transactions

  • Register Card Transactions

Click Edit

Four.png

The Permissions window appears.

Select or deselect a permission.

For the purpose of this exercise, List all Transactions is selected

Five.png

Click Save Permissions

Six.png

The added permission appears in the list.

Test to validate the change has taken effect.