# Support
source: https://developer.mastercard.com/mastercard-merchant-presented-qr/documentation/server-apis/support/index.md

## FAQs {#faqs}

When you contact Mastercard and request access to this service, you are typically connected with a regional Mastercard representative who can provide further information about the MPQR program and guide you through MPQR registration and eligibility requirements. When you are ready for program implementation, you will be assigned a Mastercard Delivery Manager who will guide you through implementation.

If you have not been connected with a Mastercard representative, please [contact us](mailto:digital.support@mastercard.com) to request a regional representative, identifying your company name, region, and the Mastercard program (MPQR) and services that interest you.

For technical support, use the **Get Help** button at the bottom of this page.
Yes, all of our APIs are PCI compliant. Please [contact us](mailto:digital.support@mastercard.com) for pricing and region information. The APIs are RESTful APIs with OAuth security. Your API requests must have an OAuth 1.0a Authorization Header for authentication. See [API Basics](https://developer.mastercard.com/mastercard-merchant-presented-qr/documentation/server-apis/api-basics/index.md).

The API request and response payloads are not encrypted.
To start using the Sandbox APIs, [create a Mastercard Developers project](https://developer.mastercard.com/mastercard-merchant-presented-qr/documentation/server-apis/getting-started/index.md#create-your-project-and-keys) choosing the **Mastercard Merchant Presented QR** APIs, and download the Sandbox Signing Key. The APIs use OAuth 1.0 authentication, so your API requests must have an OAuth 1.0a Authorization Header, generated using the Sandbox keys. See [API Basics](https://developer.mastercard.com/mastercard-merchant-presented-qr/documentation/server-apis/api-basics/index.md).

Ensure you use the Sandbox API endpoints with a `partnerId` value of `ptnr_BEeCrYJHh2BXTXPy_PEtp-8DBOo`.
Access to the MTF APIs uses the same Sandbox keys as the Sandbox environment (unless you chose to renew them), but Mastercard must configure the environment. Contact your Mastercard representative and provide your Sandbox Consumer Key, see [Request MTF Setup](https://developer.mastercard.com/mastercard-merchant-presented-qr/documentation/server-apis/getting-started/index.md#request-mtf-setup). Allow 5-7 business days for configuration.

You will be provided with a `partnerId` value that you must use in your API calls. Ensure you use the MTF API endpoints.
When you request Production access for your project (by clicking **Request Production Access** in your project page), it requires approval from Mastercard.

The Production Signing Key and Consumer Key (used for authentication) are different from the Sandbox keys.

Contact your Mastercard representative and provide your Production Consumer Key, see [Request Production Access and Set Up the Production Keys](https://developer.mastercard.com/mastercard-merchant-presented-qr/documentation/server-apis/getting-started/index.md#request-production-access-and-set-up-the-production-keys). Allow 5-7 business days for configuration.

Ensure you use the Production API endpoints.
The special characters we allow include: ! " # $ % \& ' ( ) \* + , - . / : ; \< = \> ? @ \[ \\ \] _ \` { \| } \~

To pass the characters \< \> " \& ' in the API payload, you must use the XML escape characters instead of the actual value:

\< would be \&lt;

\> would be \&gt;

" would be \&quot;

\& would be \&amp;

' would be '

Resource references must contain only characters from the following set: alphanumeric and \* , - . _ \~

This will result in resource references that can be passed as URL query parameters or in XML without encoding.
At time of writing, throttling is not implemented for these APIs. We will update this answer if it is implemented. For these APIs, the 90th percentile of the total transaction volume has an average response time of under 2 seconds. The 99.99th percentile is under 5 seconds. This varies over time. We currently see an average of approximately 15 TPS. A Financial Institution or other entity that has been granted membership in and has become a member of Mastercard in accordance with the Standards. All MPQR API responses include a Correlation ID (correlation-id) header value, which is a unique ID for each API call in Mastercard systems. We recommend you log this ID for tracking purposes. When seeking support, providing the relevant Correlation ID may help resolve your inquiry more quickly.

## Get Help {#get-help}

### Contact us for technical support. {#contact-us-for-technical-support}