Follow

Creating a read-only API key with Braintree for added security

For added security when using Braintree we recommend taking these steps to only grant ChartMogul read access to certain parts of your Braintree account.

  1. Login as admin to your Braintree account and go to Settings > Users and Roles > Manage Roles > New.
  2. Give the role a name like "Read only".
  3. Uncheck all permissions except:
    • Download Transactions with Masked Payment Data
    • Download Vault Records with Masked Payment Data
    • Download Subscription Records
  4. Now click "Create role".
  5. Now go to Settings > Users and roles > New user.
    • Give the user API Access
    • Assign the read only role
    • Assign access to the merchant accounts (usually all of them).
  6. Now logout of Braintree and log back in as this new 'read only' user.
  7. Then go to Account > My User > Api Keys.
  8. Use these API keys in ChartMogul for added security.

 

Here are the rights you need to grant your Braintree user in order for ChartMogul to work: