# Create a New Project
source: https://developer.mastercard.com/payment-account-management/documentation/onboarding/create-new-project/index.md

## Overview {#overview}

### What You'll Learn: {#what-youll-learn}

* How to create a new Payment Account Management API project
* How to obtain the keys required for the MTF environment
* How to get access to the MTF environment
* How to prepare your Payment Account Management project for testing in Sandbox and Mastercard Test Facility (MTF) environments.

### What you'll need: {#what-youll-need}

You can test in Static Sandbox straightaway after creating a project.

Before testing in the MTF environment:

* You must have a **CIS project** open.
* You must have received your **CIS project number** (CIS-xxxx-xxxx) from Mastercard.

### APIs Used in this Tutorial {#apis-used-in-this-tutorial}

* [Payment Account Management](https://developer.mastercard.com/payment-account-management/documentation/api-reference/index.md)

## Log in or Sign up {#log-in-or-sign-up}

If you do not have a Mastercard Developer account yet, click **Sign up** and follow the instructions to create an account before logging in. We recommend you create an account with **a group email or a distribution list**. This will ensure that communications related to the project are sent to the group email or distribution for further action.

## Create a new API project {#create-a-new-api-project}

On the top-right corner of the screen, click **Create New Project**.

## Project details {#project-details}

1. Enter the name of the project. If you are creating the project on behalf of a client, follow the instructions to enter the client details.
2. If you are creating this on behalf of a client or another CID, select **Yes**.
3. Enter the client details.
4. From the dropdown list, select **Payment Account Management**.

![](https://static.developer.mastercard.com/content/payment-account-management/documentation/onboarding/create-new-project/img/create-project-1.png)

## Select Service and Project Countries {#select-service-and-project-countries}

1. From the Commercial countries list, select the applicable countries. If you are using for global, click **Select all**.
2. Click **Proceed**.

![](https://static.developer.mastercard.com/content/payment-account-management/documentation/onboarding/create-new-project/img/create-project-2.png)

## Legal Agreements {#legal-agreements}

1. Select the check box to agree to Terms and Conditions and click **Proceed**.

![](https://static.developer.mastercard.com/content/payment-account-management/documentation/onboarding/create-new-project/img/create-project-3.png)

## Project Credentials {#project-credentials}

Mastercard uses [OAuth 1.0a](https://oauth.net/core/1.0a/) for authenticating and authorizing client applications. This means every request must be digitally signed. Only requests with valid signatures created by authorized clients are granted access to our services. The OAuth protocol requires a consumer key and a request signing key. When your project is created, these keys (a Consumer Key and a Signing Key) will be automatically generated for our Sandbox environment, which gives access to an API that mimics the live production environment.

1. Enter the **Keyalias** and **Keystore** Password to create these credentials.
2. Click **Proceed**.

![](https://static.developer.mastercard.com/content/payment-account-management/documentation/onboarding/create-new-project/img/create-project-4.png)
Note: Project credentials expire after a certain time. The key renewal emails are sent out to the project team 90 days before the expiry. Failure to renew the credentials will result in requests failing, and therefore, it is crucial that you renew the credentials before they expire.

## Additional Sandbox credentials {#additional-sandbox-credentials}

The Payment Account Management service encrypts fields that contain sensitive data. Client encryption libraries are available on [Mastercard's Github](https://github.com/search?q=topic%3Afield-level-encryption+org%3AMastercard&type=Repositories). For further details, refer to [Securing Sensitive Data](https://developer.mastercard.com/platform/documentation/securing-sensitive-data-using-payload-encryption/).

You require one key to encrypt data in requests, and a second to decrypt data in response.

1. Enter the **Keyalias** and **Keystore** Password to create these additional credentials.
2. Click **Create Project**.

![](https://static.developer.mastercard.com/content/payment-account-management/documentation/onboarding/create-new-project/img/create-project-5.png)

If you wish to create credentials using a **Certificate Signing Request (CSR)** , you need to go back to your project dashboard to add a new key.
This method involves you creating your Production signing key and response decryption key offline, and sending them to Mastercard. Refer to detailed instructions in Method 2 [here](https://developer.mastercard.com/platform/documentation/security-and-authentication/securing-sensitive-data-using-payload-encryption/#method-2).
Note: Project credentials expire after a certain time. The key renewal emails are sent out to the project team 90 days before the expiry. Failure to renew the credentials will result in requests failing, and therefore, it is crucial that you renew the credentials before they expire.

## Download Sandbox Keys {#download-sandbox-keys}

This is your only chance to download the keys. Ensure that you keep the key file in a safe location.

1. To finish the project creation, click **Download key file**.
2. Click **Open Project**.

![](https://static.developer.mastercard.com/content/payment-account-management/documentation/onboarding/create-new-project/img/create-project-5.png)

The Summary page shows the Sandbox Client ID.

## Ready to Test in Static Sandbox? {#ready-to-test-in-static-sandbox}

You must retrieve the Sandbox Client ID (part of the Consumer Key) and send an email to [APISupport@mastercard.com](mailto:APISupport@mastercard.com) to request access to the Sandbox environment if you do not have a CIS IM assigned yet.
Under OAuth 1.0a project keys, next to the consumer key, click the copy icon to copy the Consumer key.
\> Client ID comprises the first 48 characters of this key value (up to the exclamation mark). For example, with Client ID shown in bold:  
**l6dXa1PkV03‑hTDlFwHY2tMzd4ermMIKzy574sc‑577dcc9e**!c6caf58a58ea432f92a1bc54a73e26660000000000000000

Once your access is approved, you can start sending Payment Account Management API requests to the Sandbox!

The static Sandbox environment returns dummy data, so you may see different PAR values in the responses to those you specified in the requests.

### What is Sandbox Testing for? {#what-is-sandbox-testing-for}

1. In the Sandbox environment, Payment Account Management API is mapped to API stubs that validate the format of the input data supplied.
2. Sandbox APIs are designed to return a successful response for a limited set of sample data.
3. The Sandbox environment allows the validation of connectivity, OAUTH authentication and field level encryption including the format of the requests.
4. The Sandbox environment is open to test without onboarding to other Mastercard systems as long as there is a project created with the Payment Account Management API.
5. It is recommended to test the full functionality of Payment Account Management API in Sandbox before proceeding through to the MTF and Production environments.

## Ready to Test in MTF? {#ready-to-test-in-mtf}

Before moving your project to MTF:

* You must have requested to your Mastercard Customer Delivery contact the opening of a **CIS project** to enable Payment Account Reference Inquiry API
* You must have received from Mastercard your **CIS project number** (CIS-xxxx-zzzzz)
* If using a **Certificate Signing Request (CSR)**, you should have a CSR file ready, containing information such as your organization name, your domain name and location. The CSR contains the public key that will be included in your certificate for OAuth authentication. Use your own key management system to generate the private key in a secure hardware store. The CSR file must be in .pem format.

You must retrieve the Sandbox Client ID (part of the Consumer Key) and provide it to your CIS IM.

1. From the Mastercard Developers project dashboard page, navigate to **Sandbox Credentials**.
2. Under OAuth 1.0a project keys, next to the consumer key, click the copy icon to copy the Consumer key. Client ID comprises the first 48 characters of this key value (up to the exclamation mark). For example, with Client ID shown in bold:  
   > **l6dXa1PkV03‑hTDlFwHY2tMzd4ermMIKzy574sc‑577dcc9e**!c6caf58a58ea432f92a1bc54a73e26660000000000000000
3. After you are onboarded to MTF, you are ready to test.

Note: After you finish testing in MTF, you are ready to [move to Production](https://developer.mastercard.com/payment-account-management/documentation/onboarding/move-project/index.md).