# API Basics source: https://developer.mastercard.com/authentication-consent/documentation/api-basics/index.md ## Authentication {#authentication} The Authentication Consent API employs Mutual TLS (MTLS) mechanism to authenticate and authorize the API calls from the requestor to the Mastercard 3DS Server. It includes a client certificate with predefined attributes in the O, OU, and DN attributes. To obtain the necessary client certificate, please follow the instruction provided in [High Level Implementation Process](https://developer.mastercard.com/authentication-consent/tutorial/high-level-implementation/step-3/) tutorial. ## Environments {#environments} The following table describes the two different environments that are exposed externally: | **Environment** | **Description** | |--------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Mastercard Test Facility (MTF) | Mastercard offers a testing facility that allows merchants and Payment Service Providers to test the different stand-alone consent functions. When you are ready to test the full APIs and have completed your coding, you can request access to the MTF testing facility as described in the [Testing](https://developer.mastercard.com/authentication-consent/documentation/testing/index.md) section. | | Production | Once MTF testing is completed, you can request Production access for your client certificate. This requires approval from Mastercard and assistance from the Mastercard Customer Implementation Services (CIS) team. You can then complete connectivity testing before launching your solution. |