# Postman Collection source: https://developer.mastercard.com/unified-installments/documentation/postman-collection/index.md This section provides detailed information for customers to perform integration and testing with Mastercard Installments APIs using Postman. ## Pre-requisites {#pre-requisites} Customer creates a Mastercard Installments API project on the Sandbox on Mastercard Developers, by following the [Create a Sandbox Project guide](https://developer.mastercard.com/unified-installments/tutorial/create-project/) guide and obtains API keys (p12 and pem files) and the `ConsumerKey`. ## Postman Collection for Mastercard Installments API {#postman-collection-for-mastercard-installments-api} Mastercard Installment Postman Collection is maintained in Run in Postman
## Setup and configure Postman for Mastercard Installments API {#setup-and-configure-postman-for-mastercard-installments-api} For the generic steps needed to setup and configure Postman to integrate with Mastercard APIs, see the [Postman tutorial](https://developer.mastercard.com/platform/tutorial/use-postman-for-mastercard-apis/). While following the tutorial, refer to the following specific choices for Mastercard Installments API, considering that it uses OAuth 1.0a for authentication and JWE for encryption of sensitive data in the request and response payload. **Step 1** : **Setup the Postman Collection** , Fork the Mastercard Installment API Postman collection maintained [here](https://www.postman.com/mastercard/mastercard-developers/collection/rcbie26/mastercard-installments-api). **Step 2** : **Configure the Postman Environment** , the right choice for Mastercard Installment API is the *Mastercard API Sandbox Environment with JWE Encryption* . **Step 3** : **Setting up the base URL** , use the following URL: baseUrl : `https://sandbox.api.mastercard.com/installments` **Step 4** : **Enable authentication**, follow instructions under OAuth 1.0a section, since the Mastercard Installments API uses OAuth 1.0a. * Ensure to use the following configurations under the Authorization tab in the Postman for the collection at the parent level of *Mastercard Installments API* . Hence, at the individual endpoint level, Auth Type can be set to **Inherit auth from the parent** under the Authorization tab. ![step-4](https://static.developer.mastercard.com/content/unified-installments/uploads/authorization-03.png) * In this step, `baseUrl`, `consumerKey` and `privateKey` must be setup in the environment variables. * `ConsumerKey` needs to be obtained from the Mastercard Developers project. * Regarding `privateKey`, customer needs to use 'signing key p12 file' from the Mastercard Developers project to generate the private key file as per instruction provided in the guide. * There are two ways to configure private key generated above. * Option #1: Copy paste the content of the key file in the `privateKey` field value. * Option #2: Upload the generated private key file to the authorization tab. ![Options](https://static.developer.mastercard.com/content/unified-installments/uploads/option-2-1.png) * Ensure to enable **Include body hash** under Authorization tab ![step-4](https://static.developer.mastercard.com/content/unified-installments/uploads/include-body-hash.png) **Step 5** : **Enable Encryption** , follow the instructions under **JWE Encryption** section. * For `POST /offers`, `POST /plans`, `POST /consumers/pans/registrations` and `POST /consumers/pans/deregistrations` endpoints, ensure the following environment variables are configured: * `publicKeyFingerprint` -- Get it from Mastercard Developers project * `baseUrl` - `https://sandbox.api.mastercard.com/installments` (add, if not already added) * `consumerKey` - Get it from Mastercard Developers project * `privateKey` -- This was generated in step 4. * `encryptionCert` -- This key needs to be added here from the pem file obtained from Mastercard Developers project * `pathToRawData` - $.sensitiveData * `pathToEncryptedData` -- encryptedValue * `encryptedValueFieldName` -- encryptedValue * `encryptionType` -- jwe * For `POST /approvals` API, ensure the following environment variables are configured: * `publicKeyFingerprint` -- Get it from Mastercard Developers project * `baseUrl` - `https://sandbox.api.mastercard.com/installments` (add, if not already added) * `consumerKey` - Get it from Mastercard Developers project * `privateKey` -- This was generated in step 4. * `encryptionCert` -- This key needs to be added here from the pem file obtained from Mastercard Developers project * `pathToRawData` - $ * `pathToEncryptedData` -- $ * `encryptedValueFieldName` -- cipher * `encryptionType` -- jwe **Step 6** : **Invoke a Mastercard API from Postman** , use the following instructions to prepare the request payloads. There are two ways through which the customer will be able to test the APIs: **Option #1: Using pre-defined Sandbox data** To enable customers to perform a quick test of the API integration, Mastercard has pre-loaded certain test data in the sandbox environment. Using this test data, Customer will be able to provide a specific request payload in Sandbox and expect a pre-defined response. Customers need to refer to [Testing](https://developer.mastercard.com/unified-installments/documentation/testing/index.md) page to review several pre-defined test cases that can be executed for each API endpoint. Customers can copy the request payload from this page into respective endpoint's request body in the postman collection setup in previous step and send a request and expect the expected response. This helps customers in two ways: a. Ascertains that the API integration is successfully completed. b. Ability to experiment with the APIs using supported test data. **Option #2: Using Customer's own data** If customer has setup their own data on Sandbox, such as setting up Installment offers using their own Account ranges etc., then customers can prepare the request payloads matching with their own data and send an API request using Postman collection and review the response. This helps customers to: a. Ascertains that the API integration is successfully completed. b. Setup own data matching production and perform UAT.