# Getting Started with the APIs
source: https://developer.mastercard.com/mastercard-send/documentation/implementation/getting-started/index.md

To access the Mastercard Send APIs, you create a project on Mastercard Developers, which sets up the required authentication keys for the API environments. The diagram below shows the main steps for creating the project and integrating with the APIs. Before starting, ensure you:

* Have [created and activated](https://developer.mastercard.com/account/sign-up) your Mastercard Developers account. For your project, consider using an account that can also be accessed by other trusted colleagues in your team. You can also invite team members to your project, see below.

* Can access the Mastercard Developers documentation sets for the Mastercard Send services you will be using.

  Most Mastercard Send documentation sets are public. However, if a documentation set requires access approval, a panel will appear when you try to view it, enabling you to request access. Please notify your Mastercard representative or Account Manager when you have submitted that access request.

![Implementation steps and key use](https://static.developer.mastercard.com/content/mastercard-send/documentation/img/mastercard-send-api-getting-started-2.png)

The sections below lead you through the main steps. Please also refer to the Getting Started section in the Mastercard Developers documentation sets for your chosen services. Additional guidance is available in the Mastercard Developers [Quick Start Guide](https://developer.mastercard.com/platform/documentation/getting-started-with-mastercard-apis/quick-start-guide/).

**NOTE:**

* The Mastercard Test Facility (MTF) and production environments will not be accessible until your program is approved and implemented by Mastercard.
* If your Mastercard Send funds transfer program is already live in production and you want to integrate additional Mastercard services, please ask your Mastercard representative or Account Manager to subscribe you to those additional services and initiate a new CIS implementation project; see [Implementing additional services](https://developer.mastercard.com/mastercard-send/documentation/implementation/index.md#implementing-additional-services). Otherwise, your access requests and the related Mastercard configuration changes may be rejected or delayed.

## 1. Create your project and sandbox keys {#1-create-your-project-and-sandbox-keys}

To create your project and sandbox keys, click **Create New Project** in your [project dashboard](https://developer.mastercard.com/dashboard) (My projects page) and complete the panels that appear. An example panel sequence is shown below; actual panels might differ.

![Create New Project flow](https://static.developer.mastercard.com/content/mastercard-send/documentation/img/mastercard-send-mcdev-create-project-2.png)

During this procedure:

* Select this API service:

  * **Mastercard Send** for the Disbursements, Person-to-Person, Funding, Account Information, and Account Verification services\*
  * **Mastercard Account Validation** for the Account Validation service
  * **Currency Conversion for Originating Institution** for the Mastercard Send Currency Conversion Calculator

  You will only be able to use the services for which you register when becoming a Mastercard Send program participant.   

  \* If you are registered to use several of these services, you can use the same project and authentication keys for these services. The Account Validation and Currency Conversion Calculator services can also be added to that project, see [Adding a new service to an existing project](https://developer.mastercard.com/mastercard-send/documentation/implementation/getting-started/index.md#adding-a-new-service-to-an-existing-project).
* You specify a project name, which can be changed later.

* You choose the commercial countries where the users of your application will be located. If the required country is not available, you might not be able to use the API in that location --- contact your Mastercard representative for guidance.

* Unless you skip the step, Mastercard generates the set of sandbox keys (in your browser) that you will use to create the OAuth 1.0 Authorization Header for your API requests to the sandbox and MTF environments. The ZIP file you download will contain the P12 file, which can generate the private and public keys and a certificate.

* Store the P12 file and key password in a secure place. Alternatively, you can generate new keys or add new keys using a Certificate Signing Request (CSR) file, see [Adding or renewing keys](https://developer.mastercard.com/mastercard-send/documentation/implementation/getting-started/index.md#adding-or-renewing-keys).

Once created, your sandbox public key is uploaded to Mastercard Developers and your project page's Summary panel appears. The Sandbox credentials panel shows the key name (key alias) and consumer key for your sandbox keys.

![Project screens showing key credentials](https://static.developer.mastercard.com/content/mastercard-send/documentation/img/mastercard-send-mcdev-project-page-3.png)

You can add team members to your project at any time by selecting **Invite a Team Member** in your project page's Team panel. This allows you to change who can administer or view your project details.

### Import the sandbox certificate and key {#import-the-sandbox-certificate-and-key}

If required, import the sandbox keys into your keystore. For example, for a Microsoft Windows keystore, double-click the downloaded P12 file (or your own key file) to open the Certificate Import Wizard and import the keys and certificate.

## 2. Try sandbox {#2-try-sandbox}

The Mastercard Send APIs have a sandbox environment with mock APIs, enabling you to try the APIs quickly before registering as a program participant. Refer to the documentation set for your chosen service to see the API specification and learn how to connect to, and test, the sandbox API.

Mastercard Send Parameter Management Services, which is for Sponsor Bank use, does not have sandbox APIs.

## 3. Request MTF access {#3-request-mtf-access}

When you have registered as a Mastercard Send program participant and are ready to integrate and test with the full APIs in MTF, send your sandbox consumer key to your Mastercard Delivery Manager, identifying your project and that the key is for the MTF environment. You can get the consumer key from your project page's Sandbox credentials panel.

It can take 5-7 business days for Mastercard to configure the MTF environment for your keys. Mastercard will notify you when you can start making API calls to that environment.

## 4. Test service in MTF {#4-test-service-in-mtf}

When Mastercard notifies you that MTF configuration is complete, you can begin API testing using the test cases provided by the Mastercard Implementation Manager assigned to your project. Continue to use your sandbox keys. However, adjust your implementation to use the MTF API endpoints and your MTF Partner Reference ID; most Mastercard Send APIs require that ID in the endpoint path.

There are no MTF APIs for the Currency Conversion Calculator service.

Once API testing is complete a Testing Acknowledgment Notice (TAN) letter will be sent to you, a live date will be scheduled, and the Implementation Manager will indicate when you are ready to move to production.

## 5. Request production access and set up production keys {#5-request-production-access-and-set-up-production-keys}

To request production access and set up your production keys, click **Request Production Access** in your project page's Summary panel.

During this procedure:

* You can generate the production key in your browser or skip the step and upload your own production key from a CSR file (PEM format) later. If you choose to have the production key generated for you, you will download a P12 file. This file can generate the required production private and public keys and a certificate. Store the P12 file and key password in a secure place.
* Your public key is uploaded to Mastercard Developers and your request is submitted to Mastercard for approval.
* A notification message is automatically sent to your account email address about your production request.

Additional guidance is available in the Mastercard Developers documentation set for your chosen service and the [Go Live](https://developer.mastercard.com/platform/documentation/getting-started-with-mastercard-apis/quick-start-guide/#go-live) section of the Quick Start Guide.

**NOTE:** If you see a message about company verification being required, follow [these instructions](https://developer.mastercard.com/platform/documentation/account-management/company-verification-via-connect-linking/).

### Provide the production consumer key to Mastercard {#provide-the-production-consumer-key-to-mastercard}

Send your production consumer key to your Mastercard Delivery Manager, identifying your project and that the key is for the production environment, and tell them you have requested production access in Mastercard Developers. You can get the consumer key from your project page's Production credentials panel.

It can take 5-7 business days for Mastercard to configure the production environment for your keys and approve your production request. Mastercard will notify you when you can start making API calls to that environment.

### Import the production certificate and keys {#import-the-production-certificate-and-keys}

If required, import the production keys into your keystore. For example, for a Microsoft Windows keystore, double-click the downloaded P12 file (or your own key file) to open the Certificate Import Wizard and import the keys and certificate.

## 6. Validate service in production {#6-validate-service-in-production}

When you have production access, adjust your implementation to use the production keys, production API endpoints, and your production Partner Reference ID; most Mastercard Send APIs require that ID in the endpoint path.

As per your launch plan, conduct pilot launch or proof of concept, including your own end-to-end testing, to validate your implementation.

## Adding a new service to an existing project {#adding-a-new-service-to-an-existing-project}

If you intend to use multiple Mastercard API services, such as Mastercard Send and Mastercard Cross-Border Services, you can add them to the same Mastercard Developers project and use the same keys and credentials to access the APIs.

To add an API service to an existing project:

1. In Mastercard Developers, open your project.

2. In the Summary panel, click **Add a new API to this project**.

3. Select the API service you want to add to the project, such as **Mastercard Cross-Border Services**.

4. If the new API can use keys that are not currently set up for your project, such as additional payload encryption keys, you will see setup panels relating to those keys. Provide the required details to generate the keys, and store the downloaded key files and details securely. Click **Open project**.

   Your project's Summary panel will now show the new API.

   ![Project showing two API services](https://static.developer.mastercard.com/content/mastercard-send/documentation/img/mcdev-project-page-two-services.png)

Remember that to access the MTF and production APIs, you might need to register for the required programs and ask Mastercard to enable your access to those APIs.

## Adding or renewing keys {#adding-or-renewing-keys}

Keys generated using the Mastercard Developers site are valid for approximately one year. It is critical to renew keys before expiration to maintain a working connection to the Mastercard Send APIs. Key expiration notifications are sent to your account email address at these points prior to expiration: 90 days, 60 days, 30 days, 15 days, 7 days, 1 day, and 0 days. (Correct at time of writing but subject to change.)

You can add or renew keys at any time. For example, you might want to change the initial sandbox key that Mastercard generated for you when creating your project if you prefer to use your own keys instead.

The existing key will remain active until it expires or is revoked, enabling you to update your application/systems to use the new key while minimizing interruptions in service.

**NOTE:** We recommend you add or renew production keys in good time to allow yourself time to update your application/systems before the existing key expires. You can choose to extend the existing key's certificate, but we do not recommend that because reusing the certificate increases the chance of a security breach.

Procedure:

1. Follow [these instructions](https://developer.mastercard.com/platform/documentation/credential-management/oauth-key-management/#managing-an-expiring-key-oauth-10a).
2. Update your application to use the new key to generate OAuth 1.0 Authorization Headers for your API requests.
3. When you have ensured that your API requests are working with the new key, you can revoke the old key by selecting **Revoke key** in your project page.

### Do I need to send my new consumer key to Mastercard? {#do-i-need-to-send-my-new-consumer-key-to-mastercard}

Your Mastercard Developers project has unique client IDs: one for sandbox keys, one for production keys. If you add or renew keys within the **same** project, they have the same client IDs and you do not need to send the new consumer key to Mastercard.

However, if you need to create a **new** Mastercard Developers project and keys, the client ID will be different and you will need to send the new consumer key to Mastercard, identifying your project and that the key is for the MTF or production environment. Mastercard will need to adjust the environment and will notify you when that is complete.