availability

Tokenization keys are only compatible with Android SDK v2 or higher, iOS SDK v4 or higher, and JavaScript SDK v2.17 or higher.

A tokenization key authorizes clients to tokenize payment methods.

Unlike a client token, a tokenization key is both static and reduced privilege. It may be used multiple times and can be shipped with your apps without the need to generate a new key for each session.

Static

A single tokenization key may be reused indefinitely across many client apps.

You may have multiple active tokenization keys. For example, you may wish to use a unique key per platform. Each tokenization key can be given a label to track its intended purpose.

If you decide you no longer want a specific tokenization key to be used, it can be revoked. Doing so will deauthorize any clients using that key.

Reduced privilege

Tokenization keys authorize only a subset of Braintree's client API capabilities. When using a tokenization key, clients may only tokenize payment methods.

In contrast to a client token, you may not specify a customer ID, set a specific merchant account ID, or otherwise provide any configuration.

The following payment methods can be tokenized using a tokenization key: credit cards, PayPal, Venmo, Coinbase, Apple Pay, and Android Pay. You cannot use a tokenization key to create a 3D Secure transaction.

Obtaining a tokenization key

To obtain a tokenization key, follow these steps:

  1. Log into either the production Control Panel or the sandbox Control Panel, depending on which environment you are working in
  2. Navigate to Account > My user
  3. Under API Keys, Tokenization Keys, Encryption Keys, click View Authorizations

You should see your key under the Tokenization Key section. If no key appears, click Generate New Tokenization Key

Adding a tokenization key to your app

Because of their reduced authorization, tokenization keys are publishable, meaning safe to include in your app. They are not sensitive information and can be exposed in an insecure client.

important

Tokenization keys specify a single environment they will use. The environment is the first part of a tokenization key:

  • Sandbox: sandbox_tokenization_key
  • Production: production_tokenization_key

Take precautions to avoid shipping a live app with a sandbox tokenization key. Conversely, be mindful that a production tokenization key will always communicate with Braintree's live environment regardless of any environment variables or debug modes that may be set.

Initializing the SDK

Tokenization keys can be used with the Android SDK v2 or higher, iOS SDK v4 or higher, and JavaScript SDK v2.17 or higher.

Initialize the SDK with your tokenization key before you want to display the payment UI. The SDK will fetch configuration information from Braintree.

Objective-C Swift
BTAPIClient *apiClient = [[BTAPIClient alloc] initWithAuthorization:tokenizationKey];

Limitations

The SDK should function as with a client token, with some limitations:

  • Tokenization keys are only supported in the Android SDK v2 or higher, iOS SDK v4 or higher, and JavaScript SDK v2.17 or higher.
  • Payment methods cannot be saved directly from the client to a customer in the Vault using a tokenization key. To save the payment method, you'll need to pass the resulting payment method nonce to your server. Otherwise, generate a client token with a customer ID.
  • Drop-in will not be able to retrieve a customer's saved payment methods. Repeat purchases will show the add payment method UI.

Still Have Questions?

If you can’t find an answer, give us a call at 877.434.2894 or contact our Support team