# Creating a Project source: https://developer.mastercard.com/mdes-token-connect/documentation/tutorials-and-guides/create-project/index.md ## Overview {#overview} ### What You'll Learn: {#what-youll-learn} Create a new MDES Token Connect API project. ## Log in or Sign up {#log-in-or-sign-up} If you do not have a Mastercard Developers account yet, click **Sign up** and follow the instructions to create an account before logging in. You must create an account with a group email/distribution list. This will ensure that communications related to the project are sent to the group email/distribution list. ## Create a new API project {#create-a-new-api-project} 1. To create a new project, in the upper-right corner of the screen, click **Create New Project**. ## Project details {#project-details} 1. Enter **Project name**. 2. If you are an issuer creating the project for your own CID, click **No**. 3. If you are a processor or a service provider creating this project for an issuer, click **Yes** . ![](https://static.developer.mastercard.com/content/mdes-token-connect/documentation/tutorials-and-guides/tutorial-5/create-new-project.png) 4. Complete the details of the issuer for which the project is created. ![](https://static.developer.mastercard.com/content/mdes-token-connect/documentation/tutorials-and-guides/tutorial-5/enter-issuer-info.png) ## Select Service and Project Countries {#select-service-and-project-countries} 1. From the **Select Your API service** drop-down list, select **MDES Token Connect MTF**. 2. From the **Commercial countries** list, select the applicable countries. If you are using this project for global, select the **Select all** check box. ![](https://static.developer.mastercard.com/content/mdes-token-connect/documentation/tutorials-and-guides/tutorial-5/mtf-api-selection.png) 3. Click **Proceed**. ## Project Credentials {#project-credentials} Mastercard uses OAuth 1.0 for authenticating and authorizing client applications. This means every request must be digitally signed. Only requests with valid signatures created by authorized clients are granted access to our services. The OAuth protocol requires a consumer key and a request signing key. When your project is created, these keys (a Consumer Key and a Signing Key) will be automatically generated for our Sandbox environment. 1. Enter **Key alias** and **Keystore password** . A key alias is a label for specific key within a keystore. Ensure that you make a note of the key alias and the keystore password as you will need this information when you send the API request to Mastercard. ![](https://static.developer.mastercard.com/content/mdes-token-connect/documentation/tutorials-and-guides/tutorial-5/sandbox-proj-cred.png) Note: To use a custom CSR to generate the project keys, click **Skip this step** , continue with the project creation, and refer to generating [Adding Keys and CSR](https://developer.mastercard.com/mdes-token-connect/documentation/tutorials-and-guides/add-key/index.md). 2. Click **Proceed**. ## Download Sandbox Keys {#download-sandbox-keys} 1. To Download the key information, click **Download key file** . The downloaded key file contains the Sandbox key information. ![](https://static.developer.mastercard.com/content/mdes-token-connect/documentation/tutorials-and-guides/tutorial-5/creating-project.png) 2. To see the project details, click **Open project** . ![](https://static.developer.mastercard.com/content/mdes-token-connect/documentation/tutorials-and-guides/tutorial-5/requestprodaccess-mtfs-projectdetail.png) ## Ready to Test in Static Sandbox {#ready-to-test-in-static-sandbox} You are now ready to test in the Static sandbox environment. The static sandbox returns dummy data. Refer to the [API Reference](https://developer.mastercard.com/mdes-token-connect/documentation/api-reference/index.md) page for the URLs. ### What is Sandbox Testing {#what-is-sandbox-testing} * Sandbox APIs are designed to return a successful response for a limited set of sample data. * The Sandbox environment allows the validation of connectivity, OAUTH authentication, and field-level encryption including the format of the requests. * It is recommended to test the full functionality of the MDES Token Connect API in Sandbox before proceeding through to the MTF and Production environments. ### Download Client Encryption Key for Static Sandbox {#download-client-encryption-key-for-static-sandbox} Now you will need to download the Client Encryption Key (public key) that is used for field-level encryption in some of the API requests to MDES. 1. Download the [Public-Key-Certificate.crt](https://static.developer.mastercard.com/content/mdes-token-connect/uploads/Public-Key-Certificate.crt) (2KB) file. The public key contained in this certificate is used to wrap the one-time use AES key in requests to MDES 2. When testing in the Sandbox environment, use fingerprint value: **4070BFE5119426F5F9E232CB86D372A4F9B2314C** for input field `encryptedPayload.publicKeyFingerprint` Note: * Refer to [How to Consume the MDES Token Connect API?](https://developer.mastercard.com/mdes-token-connect/documentation/api-basics/index.md) and [Securing Sensitive Data Using Payload Encryption](https://developer.mastercard.com/platform/documentation/security-and-authentication/securing-sensitive-data-using-payload-encryption/) for further information about the encryption of sensitive data.