|
| 1 | +[](https://shields.io/) |
| 2 | + |
| 3 | +# Message Level Encryption (MLE) Feature |
| 4 | + |
| 5 | +This feature provides an implementation of Message Level Encryption (MLE) for APIs provided by CyberSource, integrated within our SDK. This feature ensures secure communication by encrypting messages at the application level before they are sent over the network. |
| 6 | + |
| 7 | +## Configuration |
| 8 | + |
| 9 | +### Global MLE Configuration |
| 10 | + |
| 11 | +In the `merchantConfig` object, set the `useMLEGlobally` variable to enable or disable MLE for all supported APIs for the Rest SDK. |
| 12 | + |
| 13 | +- **Variable**: `useMLEGlobally` |
| 14 | +- **Type**: `Boolean` |
| 15 | +- **Default**: `false` |
| 16 | +- **Description**: Enables MLE globally for all APIs when set to `true`. If set to `true`, it will enable MLE for all API calls that support MLE by CyberSource, unless overridden by `mapToControlMLEonAPI`. |
| 17 | + |
| 18 | +### API-level MLE Control |
| 19 | + |
| 20 | +Optionally, you can control the MLE feature at the API level using the `mapToControlMLEonAPI` variable in the `merchantConfig` object. |
| 21 | + |
| 22 | +- **Variable**: `mapToControlMLEonAPI` |
| 23 | +- **Type**: `Hash of string to boolean` |
| 24 | +- **Description**: Overrides the global MLE setting for specific APIs. The key is the function name of the API in the SDK, and the value is a boolean indicating whether MLE should be enabled (`true`) or disabled (`false`) for that specific API call. |
| 25 | + |
| 26 | +### MLE Key Alias |
| 27 | + |
| 28 | +Another optional parameter for MLE is `mleKeyAlias`, which specifies the key alias used to retrieve the MLE certificate from the JWT P12 file. |
| 29 | + |
| 30 | +- **Variable**: `mleKeyAlias` |
| 31 | +- **Type**: `String` |
| 32 | +- **Default**: `CyberSource_SJC_US` |
| 33 | +- **Description**: By default, CyberSource uses the `CyberSource_SJC_US` public certificate to encrypt the payload. However, users can override this default value by setting their own key alias. |
| 34 | + |
| 35 | +## Notes |
| 36 | + |
| 37 | +- If `useMLEGlobally` is set to true, it will enable MLE for all API calls that support MLE by CyberSource, unless overridden by `mapToControlMLEonAPI`. |
| 38 | +- If `mapToControlMLEonAPI` is not provided or does not contain a specific API function name, the global `useMLEGlobally` setting will be applied. |
| 39 | +- The `mleKeyAlias` parameter is optional and defaults to `CyberSource_SJC_US` if not specified by the user. Users can override this default value by setting their own key alias. |
| 40 | +- Example configurations contain only properties related to MLE. |
| 41 | + |
| 42 | +## Example Configuration |
| 43 | + |
| 44 | +### Option 1: Enable MLE globally for all MLE supported APIs |
| 45 | + |
| 46 | +```ruby |
| 47 | +configuration_dictionary = { |
| 48 | +"useMLEGlobally": true # Globally MLE will be enabled for all MLE supported APIs |
| 49 | +} |
| 50 | +``` |
| 51 | + |
| 52 | +### Option 2: Enable/Disable MLE for specific APIs |
| 53 | + |
| 54 | +```ruby |
| 55 | +configuration_dictionary = {} |
| 56 | +configuration_dictionary['useMLEGlobally'] = true # globally MLE will be enabled for all the MLE supported APIs by Cybs in SDK |
| 57 | +mapToControlMLE = { |
| 58 | + 'create_payment' => false, # only create_payment function will have MLE=false i.e. (/pts/v2/payments POST API) out of all MLE supported APIs |
| 59 | + 'capture_payment' => true # capture_payment function will have MLE=true i.e. (/pts/v2/payments/{id}/captures POST API), if it not in list of MLE supportedAPIs else it will already have MLE=true by global MLE parameter. |
| 60 | +} |
| 61 | +configuration_dictionary['mapToControlMLEonAPI'] = mapToControlMLE |
| 62 | +# Set other properties |
| 63 | +api_client = CyberSource::ApiClient.new |
| 64 | +# Create API instance using the configuration dictionary |
| 65 | +api_instance = CyberSource::PaymentsApi.new(api_client, configuration_dictionary) |
| 66 | + |
| 67 | +``` |
| 68 | + |
| 69 | +### Option 3: Disable MLE globally and enable for specific APIs |
| 70 | + |
| 71 | +```ruby |
| 72 | +configuration_dictionary = { |
| 73 | + "useMLEGlobally": false, # Globally MLE will be disabled for all APIs |
| 74 | + "mleKeyAlias": "Custom_Key_Alias" # optional if any custom value provided by Cybs |
| 75 | +} |
| 76 | +mapToControlMLE = { |
| 77 | + 'apiFunctionName1' => false, # MLE will be disabled for this API |
| 78 | + 'apiFunctionName2' => true # MLE will be enabled for this API |
| 79 | +} |
| 80 | +configuration_dictionary['mapToControlMLEonAPI'] = mapToControlMLE |
| 81 | +``` |
| 82 | + |
| 83 | +In the above examples: |
| 84 | +- MLE is enabled/disabled globally (`useMLEGlobally` is true/false). |
| 85 | +- `apiFunctionName1` will have MLE disabled/enabled based on value provided. |
| 86 | +- `apiFunctionName2` will have MLE enabled. |
| 87 | +- `mleKeyAlias` is set to `Custom_Key_Alias`, overriding the default value. |
| 88 | + |
| 89 | +Please refer to the given link for sample codes with MLE: |
| 90 | + |
| 91 | + |
| 92 | +## Additional Information |
| 93 | + |
| 94 | +### API Support |
| 95 | + |
| 96 | +- MLE is initially designed to support a few APIs. |
| 97 | +- It can be extended to support more APIs in the future based on requirements and updates. |
| 98 | + |
| 99 | +### Authentication Type |
| 100 | + |
| 101 | +- MLE is only supported with `JWT (JSON Web Token)` authentication type within the SDK. |
| 102 | + |
| 103 | +### Using the SDK |
| 104 | + |
| 105 | +To use the MLE feature in the SDK, configure the `merchantConfig` object as shown above and pass it to the SDK initialization. |
| 106 | + |
| 107 | +## Contact |
| 108 | + |
| 109 | +For any issues or further assistance, please open an issue on the GitHub repository or contact our support team. |
0 commit comments