|
| 1 | +[](https://shields.io/) |
| 2 | + |
| 3 | +# Message Level Encryption (MLE) Feature |
| 4 | + |
| 5 | +This feature provides an implementation of Message Level Encryption (MLE) for APIs provided by CyberSource, integrated within our SDK. This feature ensures secure communication by encrypting messages at the application level before they are sent over the network. |
| 6 | + |
| 7 | +## Configuration |
| 8 | + |
| 9 | +### Global MLE Configuration |
| 10 | + |
| 11 | +In the `merchantConfig` object, set the `useMLEGlobally` variable to enable or disable MLE for all supported APIs for the Rest SDK. |
| 12 | + |
| 13 | +- **Variable**: `useMLEGlobally` |
| 14 | +- **Type**: `boolean` |
| 15 | +- **Default**: `false` |
| 16 | +- **Description**: Enables MLE globally for all APIs when set to `true`. If set to `true`, it will enable MLE for all API calls that support MLE by CyberSource, unless overridden by `mapToControlMLEonAPI`. |
| 17 | + |
| 18 | +### API-level MLE Control |
| 19 | + |
| 20 | +Optionally, you can control the MLE feature at the API level using the `mapToControlMLEonAPI` variable in the `merchantConfig` object. |
| 21 | + |
| 22 | +- **Variable**: `mapToControlMLEonAPI` |
| 23 | +- **Type**: `map = [string, boolean]` |
| 24 | +- **Description**: Overrides the global MLE setting for specific APIs. The key is the function name of the API in the SDK, and the value is a boolean indicating whether MLE should be enabled (`true`) or disabled (`false`) for that specific API call. |
| 25 | + |
| 26 | +### MLE Key Alias |
| 27 | + |
| 28 | +Another optional parameter for MLE is `mleKeyAlias`, which specifies the key alias used to retrieve the MLE certificate from the JWT P12 file. |
| 29 | + |
| 30 | +- **Variable**: `mleKeyAlias` |
| 31 | +- **Type**: `string` |
| 32 | +- **Default**: `CyberSource_SJC_US` |
| 33 | +- **Description**: By default, CyberSource uses the `CyberSource_SJC_US` public certificate to encrypt the payload. However, users can override this default value by setting their own key alias. |
| 34 | + |
| 35 | +## Notes |
| 36 | +- If `useMLEGlobally` is set to true, it will enable MLE for all API calls that support MLE by CyberSource, unless overridden by mapToControlMLEonAPI. |
| 37 | +- If `mapToControlMLEonAPI` is not provided or does not contain a specific API function name, the global useMLEGlobally setting will be applied. |
| 38 | +- The `mleKeyAlias` parameter is optional and defaults to CyberSource_SJC_US if not specified by the user. Users can override this default value by setting their own key alias. |
| 39 | + |
| 40 | +## Example Configuration |
| 41 | + |
| 42 | +```php |
| 43 | +// Enable MLE globally for all supported APIs |
| 44 | +$merchantConfig->setUseMLEGlobally(true); |
| 45 | +``` |
| 46 | + |
| 47 | +Or |
| 48 | + |
| 49 | +```php |
| 50 | +// Enable MLE globally for all supported APIs |
| 51 | +$merchantConfig->setUseMLEGlobally(true); |
| 52 | + |
| 53 | +// Optionally, control MLE at the API level |
| 54 | +$merchantConfig->setMapToControlMLEonAPI([ |
| 55 | + 'apiFunctionName1' => false, // Disable MLE for this specific API |
| 56 | + 'apiFunctionName2' => true // Enable MLE for this specific API |
| 57 | +]); |
| 58 | + |
| 59 | +// Optionally, set a custom MLE key alias |
| 60 | +$merchantConfig->setMleKeyAlias('Custom_Key_Alias'); |
| 61 | +``` |
| 62 | + |
| 63 | +Or |
| 64 | + |
| 65 | +```php |
| 66 | +// Disable MLE globally for all supported APIs |
| 67 | +$merchantConfig->setUseMLEGlobally(false); |
| 68 | + |
| 69 | +// Optionally, enable MLE for some APIs |
| 70 | +$merchantConfig->setMapToControlMLEonAPI([ |
| 71 | + 'apiFunctionName1' => true, // Enable MLE for this specific API |
| 72 | + 'apiFunctionName2' => true // Enable MLE for this specific API |
| 73 | +]); |
| 74 | + |
| 75 | +// Optionally, set a custom MLE key alias |
| 76 | +$merchantConfig->setMleKeyAlias('Custom_Key_Alias'); |
| 77 | +``` |
| 78 | + |
| 79 | +In the above examples: |
| 80 | +- MLE is enabled/disabled globally (`useMLEGlobally` is true/false). |
| 81 | +- `apiFunctionName1` will have MLE disabled/enabled based on value provided. |
| 82 | +- `apiFunctionName2` will have MLE enabled. |
| 83 | +- `mleKeyAlias` is set to `Custom_Key_Alias`, overriding the default value. |
| 84 | + |
| 85 | +Please refer given link for sample codes with MLE: |
| 86 | +https://github.com/CyberSource/cybersource-rest-samples-php/tree/master/Samples/MLEFeature |
| 87 | + |
| 88 | +## Additional Information |
| 89 | + |
| 90 | +### API Support |
| 91 | +- MLE is initially designed to support a few APIs. |
| 92 | +- It can be extended to support more APIs in the future based on requirements and updates. |
| 93 | +### Authentication Type |
| 94 | +- MLE is only supported with `JWT (JSON Web Token)` authentication type within the SDK. |
| 95 | +### Using the SDK |
| 96 | +To use the MLE feature in the SDK, configure the `merchantConfig` object as shown above and pass it to the SDK initialization. |
| 97 | + |
| 98 | +## Contact |
| 99 | +For any issues or further assistance, please open an issue on the GitHub repository or contact our support team. |
0 commit comments