The values in the header are used for authentication and validation. Portico responds with an "authentication error" response when these values are not set correctly. See Gateway Response Codes for additional information.
In order to process on Portico, a boarding event is required. This boarding event sets the appropriate configuration for the POS; the response contains values including LicenseId, SiteId, and DeviceId, and may include a means to obtain a Secret Key. These values are Portico-generated values that uniquely identify the POS.
During transaction processing, in order to identify the POS sending the request, Portico requires a valid secret key, or the following 5 credentials: LicenseId, SiteId, DeviceId, UserName, and Password.
LicenseId, SiteId, and DeviceId are integer values. The maximum length is 10 digits and the maximum value is 2147483647. Username is alphanumeric and the maximum length is 20 characters. Each Merchant is assigned a unique Merchant ID, also called Merchant Number or MID; this value is usually 15 digits and may start with zero.
Each merchant must know their MID, but the value is not passed to Portico in transaction messages. Each MID corresponds to a unique SiteId.
The credential token is used to indicate a user session. Currently, this option is only available to internal Heartland applications and should not be used by integrators.