Hi everyone,
I'm integrating Cybersource REST API for payment authorization and keep getting a 403 Forbidden error on every request. I've double-checked my credentials but can't figure out what's wrong.
My Setup:
- Environment: Sandbox
- API: REST (not SOAP)
- Language: PHP 8.1
- SDK: Official Cybersource PHP SDK (latest version)
Error Response:
{ "status": "FORBIDDEN", "reason": "INVALID_MERCHANT", "message": "Access denied"}What I've tried:
- Regenerated API keys from Business Center
- Verified Merchant ID is correct
- Confirmed HTTP Signature headers are properly formatted
- Tested with Postman — same error
Is this a sandbox account activation issue or am I missing something in the authentication setup? Any help would be appreciated.
Thanks
