The Sandbox is a live simulated non-production environment where you can begin your integration with Tesouro. The Sandbox is designed for developers ready to start building their actual integration using API calls.
The Sandbox environment uses real API endpoints but with simulated data - perfect for testing your
integration before going to production.
Access
Your organization’s API access key and secret are created by Tesouro and shared with you. To receive access:
-
Have your designated team lead submit your access request here (external site managed by Tesouro)
-
Tesouro will email you an API access key and secret that will require passwordless authentication via email address.
Create and authenticate your JWT
Create a JWT, then add it to the header of your call to query the Tesouro Sandbox environment.
curl --location '[https://api.sandbox.tesouro.com/openid/connect/token](https://api.sandbox.tesouro.com/openid/connect/token)' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=CLIENT_ID' \
--data-urlencode 'client_secret=CLIENT_SECRET'
{
"access_token": "efJhbGcifiJv4zI1NiIs...",
"token_type": "Bearer",
"expires_in": 3600
}
curl -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ADD_TOKEN_HERE" \
-d '{
"query": "query MyOrganization {
organization {
id
businessName
}
}",
"variables": {}
}' \
[https://api.sandbox.tesouro.com/graphql](https://api.sandbox.tesouro.com/graphql)
{
"data": {
"organization": {
"id": "66f41f51-cc83-440b-948f-afe3d4c57406",
"businessName": "Tesouro Docs Sandbox"
}
}
}
For production, use https://api.tesouro.com instead of
https://api.sandbox.tesouro.com with production credentials
Testing
For test card numbers and simulating transaction scenarios, see Testing.
Additional resources
Learn more about JWTs 
