Download OpenAPI specification:Download
Pace Software is a financial technology company that provides payment solutions through public web APIs.
The Pace Software solution includes a virtual terminal accessible through a web browser, a mobile application for Android, and public APIs for integration with other systems. The back-end of the solution is based on .NET framework, and the solution uses microservices architecture that provides for high scalability and easy maintenance.
Our public APIs enable merchants and third-party developers to integrate our Transactions solution into their systems. The APIs use RESTful architecture and JSON data format. The APIs are also PCI-compliant and use the latest security protocols to ensure the security of sensitive customer information.
The solution uses various security measures to ensure the security of sensitive customer information. The public APIs are all PCI-compliant, and they use the latest security protocols, including AES-256 for packet-level encryption and decryption of API message and card tokenization to protect sensitive customer information.
The Authentication endpoints provide a robust and secure solution for user and client authentication, ensuring that only authorized entities can access the system's resources. These endpoints cover a range of essential authentication and security features, including user and client authentication, token generation and validation, and integration with other services.
User authentication is supported using username and password combinations, with additional functionality for user session management, such as login, logout, and session expiration. The endpoints also facilitate client authentication using API keys, as well as API key generation, management, and revocation. Upon successful authentication, the returns essential user or client information, such as their ID and role.
The security of the Authentication endpoints is a top priority, with user passwords stored securely using strong hashing algorithms for enhanced security. misuse.
The Authentication endpoints work in tandem with the Users and Clients services, providing necessary user and client information for enforcing access controls. Additionally, The authentication endpoints integrate with the User Profile Service for retrieval and storage of user authentication information.
The Authentication endpoints also support multi-factor authentication via SMS, email, and device ID for web, mobile app users, and API clients. Furthermore, they provide password reset functionality using email-based password reset links and ensure compliance with PCI DSS, PCI MPoC, and all applicable US state and federal privacy laws. The endpoints are built to accommodate future integrations with other systems or third-party services, adhering to business rules such as password policies, lockout policies, and user session management.