# Authentication and Encryption
source: https://developer.mastercard.com/consumer-clarity/documentation/api-basics/authentication-and-encryption/index.md

## Authentication {#authentication}

The Consumer Clarity API is a RESTful API with OAuth security. For all environments, your API requests must have an OAuth 1.0a Authorization Header for authentication.

Generate the OAuth 1.0a Authorization Header using the appropriate Signing Key and Consumer Key. You can implement your own OAuth 1.0a header or use the relevant Mastercard OAuth libraries (available on [GitHub](https://github.com/Mastercard?utf8=%E2%9C%93&q=oauth)). For guidance, see the *README.md* file included with the libraries.

For detailed information on using OAuth 1.0a with the Consumer Clarity API and generating Authorization Headers, see [Using OAuth 1.0a to Access Mastercard APIs](https://developer.mastercard.com/platform/documentation/using-oauth-1a-to-access-mastercard-apis).

## Encryption {#encryption}

The transport between client applications and Mastercard is secured using TLS/SSL, which means data are encrypted by default when transmitted across networks. In addition to that, services that deal with sensitive data, such as cardholder personally identifiable information (PII), also implement end-to-end payload encryption.

### The transaction-data endpoint and JWE Encryption {#the-transaction-data-endpoint-and-jwe-encryption}

When calling the `transaction-data` endpoint to retrieve information, you must complete an extra step involving JSON Web Encryption (JWE).

1. Use the private key (from the encryption keys that have been set up for the Consumer Clarity API) to decrypt the API response. Note that the encryptions keys are different than the authentication keys.

2. Use the JWE decryption method when decrypting the response.

This step is needed for the `transaction-data` endpoint because the data being returned is considered PII. For more information, see [JWE Encryption](https://developer.mastercard.com/platform/documentation/security-and-authentication/securing-sensitive-data-using-payload-encryption/#jwe-encryption).

## Client Libraries {#client-libraries}

Mastercard provides [client authentication libraries](https://github.com/Mastercard?q=oauth) in several languages that you can integrate to your project or use as reference OAuth 1.0a implementations. To get started, simply add the package matching your application development language to your project.

## Environment Descriptions {#environment-descriptions}

This table describes the environments that are available for the Consumer Clarity API:

| Environment |                                                                                                                                                                                                                                                                                   Description                                                                                                                                                                                                                                                                                   |
|-------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Sandbox     | Early access environment containing limited-capability mock APIs, intended to help integrate new clients. The Sandbox contains sample static data and returns mock responses for a defined request. The JSON sample can be used as a reference for sending requests and receiving responses. You can also see our article on [Testing](https://developer.mastercard.com/consumer-clarity/documentation/testing/index.md) for many different types of test cases that you can use in your Sandbox. **URL:** <https://sandbox.api.ethocaweb.com/ethoca/consumer-clarity/searches> |
| Production  | Full production environment containing the latest production API release. This environment contains actual merchant data. **URL:** <https://api.ethocaweb.com/ethoca/consumer-clarity/searches>                                                                                                                                                                                                                                                                                                                                                                                 |

## See Also {#see-also}

The [Field Recommendations](https://developer.mastercard.com/consumer-clarity/documentation/api-basics/common-elements-headers/index.md) article includes key field definitions and provides guidance on required, recommended, or optional fields.

## Next Steps {#next-steps}

* Use the [Quick Start Guide](https://developer.mastercard.com/consumer-clarity/documentation/quick-start-guide/index.md) to quickly connect and start making calls to the Consumer Clarity API in a sandbox environment.
* If you already created a project and have your keys, you can go through the [Reference Application Tutorial](https://developer.mastercard.com/consumer-clarity/documentation/tutorials-and-guides/reference-app-tutorial/index.md) for step-by-step guidance in making API calls to the Consumer Clarity API service.