Overview

Return the CyberSource client-side initialization key. The endpoint validates the request origin header against the gateway’s supported sites, then creates a Flex Microform capture context and returns it (as a JWK) along with the JS client bundle — everything the browser needs to render CyberSource’s hosted card form.

CyberSource-specific; the primary gateway (Stripe) sets up client-side and does not use this endpoint.

Example:

curl --request GET   --url 'https://www.pelcro.com/api/v1/sdk/payment/cybersource/get_frontend_key?site_id=1232'   --header 'Authorization: Bearer <JWT>'   --header 'Origin: https://www.example.com'

Notes

• Protected — requires the customer’s JWT.
• The Origin header must match one of the gateway’s supported sites, otherwise the endpoint returns 400 Site not supported.