# API Basics source: https://developer.mastercard.com/presentment/documentation/api-basics/index.md ## API security {#api-security} ### Client authentication {#client-authentication} Mastercard uses OAuth 1.0a for authenticating your application's HTTP requests. You can manage your authentication keys from your  [Developer Dashboard](https://developer.mastercard.com/dashboard/) after you have created a project for Offers for Publishers. Authentication using MTLS is also available for Offers for Publishers APIs. Tip: Refer to [Using OAuth 1.0a to Access Mastercard APIs](https://developer.mastercard.com/platform/documentation/authentication/using-oauth-1a-to-access-mastercard-apis/)  or [Using MTLS to Access Mastercard APIs](https://developer.mastercard.com/platform/documentation/authentication/using-mtls-to-access-mastercard-apis/) to learn more about the authentication scheme Mastercard uses. ## Consume the Offers for Publishers API {#consume-the-offers-for-publishers-api} Tip: Mastercard recommends using [OpenAPI Generator](https://openapi-generator.tech/) to integrate with the Offers for Publishers Service. ### Generating your own Offers for Publishers API client {#generating-your-own-offers-for-publishers-api-client} Create a customizable API client from the Offers for Publishers API specification and let Mastercard open-source client libraries handle the authentication for you. This approach offers more flexibility and is recommended. Follow the  [Generating and Configuring a Mastercard API Client](https://developer.mastercard.com/platform/documentation/getting-started-with-mastercard-apis/generating-and-configuring-a-mastercard-api-client/)  tutorial with the API specifications in the [API Reference](https://developer.mastercard.com/presentment/documentation/api-reference/index.md) section. ### Using a method of your choice {#using-a-method-of-your-choice} Offers for Publishers exposes a REST API. You are free to use the REST/HTTP client of your choice and can still use the Mastercard open-source  [client authentication](https://developer.mastercard.com/platform/documentation/authentication/using-oauth-1a-to-access-mastercard-apis/) library for signing your requests. Refer to the Offers for Publishers [API Reference](https://developer.mastercard.com/presentment/documentation/api-reference/presentment/index.md) section. ## Environments {#environments} The table describes the two different environments that are available. | Environment | Description | |-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Sandbox | Pre-production test environment containing the latest pre-release version of the real APIs, intended for full integration testing prior to moving to production. Use your Sandbox key to authenticate with this environment. | | Production | Full production environment containing the latest production API release. Use your Production key to authenticate with this environment. | ## Next steps {#next-steps} Now that you have an understanding of the authentication and encryption requirements, proceed to the [Quick Start Guide](https://developer.mastercard.com/presentment/documentation/quick-start-guide/index.md) section to learn how to access the API and generate your credentials.