# API Basics source: https://developer.mastercard.com/eop-admin/documentation/api-basics/index.md ## API security {#api-security} ### Client authentication {#client-authentication} Mastercard uses OAuth 1.0a for authenticating your application. You can manage your authentication keys from your [Developer Dashboard](https://developer.mastercard.com/dashboard) after you created a project using Offers Merchant Content. Tip: Do you want to learn more about the authentication scheme Mastercard uses? Refer to our [Using OAuth 1.0a to Access Mastercard APIs](https://developer.mastercard.com/platform/documentation/security-and-authentication/using-oauth-1a-to-access-mastercard-apis/) guide for details. ## How to consume Offers Merchant Content {#how-to-consume-offers-merchant-content} Note: There are multiple ways of integrating with Offers Merchant Content: 1. Using a generated API client (recommended) 2. Using a method of your choice ### Generate your own Offers Merchant Content client {#generate-your-own-offers-merchant-content-client} Create customizable API clients from the Offers Merchant Content specification and let Mastercard open-source client libraries handle the authentication for you. This approach offers more flexibility and is strongly recommended. Follow our [Generating and Configuring a Mastercard API Client](https://developer.mastercard.com/platform/documentation/getting-started-with-mastercard-apis/generating-and-configuring-a-mastercard-api-client/) tutorial with the API specification on the [API Reference](https://developer.mastercard.com/eop-admin/documentation/api-reference/index.md) page. ### Use a method of your choice {#use-a-method-of-your-choice} Offers Merchant Content exposes a REST API. You can use the REST/HTTP client of your choice and still leverage the Mastercard open-source [client libraries](https://developer.mastercard.com/platform/documentation/security-and-authentication/using-oauth-1a-to-access-mastercard-apis/#client-libraries) for signing your requests. Refer to the Offers Merchant Content [REST API Reference](https://developer.mastercard.com/eop-admin/documentation/api-reference/index.md) page for details. ## Environments {#environments} The table describes the two different environments that are available. | **Environment** | **Description** | |-----------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Sandbox | Pre-production test environment containing the latest pre-release version of the real APIs, intended for full integration testing prior to moving to production. Use your Sandbox keys to authenticate with this environment. The keys are set up when you create your project. | | Production | Full production environment containing the latest production API release. | ## Next steps {#next-steps} Now that you have an understanding of the authentication and encryption requirements, proceed to the [Quick Start Guide](https://developer.mastercard.com/eop-admin/documentation/quick-start-guide/index.md) section to learn how to access the API and generate your credentials.