- Get API keys for your public sandbox.
- View a transaction’s history.
- Manage your webhooks.
Get API keys for your public sandbox
Use API keys to set up authorization credentials that allow you to send requests to your public sandbox. For more information, see Authentication in the Core API Reference. To access your credentials and set up your public sandbox:Log into your public sandbox account. You can also select Sign in in the upper-right corner of any page of Marqeta Docs. Once authenticated, select Dashboard → in the upper-right corner of the page to display the API Keys page of your dashboard.
| Application token | Token that identifies your API client. Think of it as your username. |
|---|---|
| Admin access token | Allows you to access your public sandbox. Think of it as your secret password. |
| Base URL | Append endpoints to this URL when making API requests. |
| Try out your sandbox | Run this code in a terminal window to view the details of the card product that was created for your public sandbox. |
View a transaction’s history
You can view the lifecycle of a card token in your public sandbox using the interactive Transaction Timeline tool. All public sandbox accounts with the Developer role include access to the Transaction Timeline. The Transaction Timeline helps newcomers to the Marqeta platform quickly understand the role played by transaction flows in their integration, as well as in the broader payments space. It demonstrates line-by-line how individual transactions impact each other, and how they affect the account balance. To view a card token’s transaction history using the Transaction Timeline:After simulating at least one transaction in your public sandbox, access the Transaction Timeline by logging into your dashboard.
Pick one of your card tokens from the list of existing active cards that appear in the dropdown list on the right side of the screen.
The tool automatically builds and displays a history of all the transactions completed on that card. New transactions are added to the timeline as they occur in your public sandbox, with no need to refresh the page. Content in the Transaction Timeline is not cleared when you log out of your dashboard and it never expires, enabling you to accumulate a rich dataset of simulated transactions over time.
button. To remove the filter, select 
.
To copy the event token to the clipboard, select the 
button.
For more about cards and card tokens, see Cards in the Core API Reference.
Manage your webhooks
Webhooks are real-time notifications to keep you informed of specific events that occur within your public sandbox or integration. For example, you could create a webhook to sendstate.activated events to your application’s webhook URL that would inform your cardholder when a card has been activated.
You can manage webhooks in your sandbox from the Webhooks page. For information about working with webhooks in production, see About Webhooks.
With your account/program, you can configure and manage up to five webhooks.
To add a webhook
| Fields | Description |
|---|---|
| Name string required | Descriptive name of the webhook. Allowable Values: 64 char max |
| URL string required | URL of your webhook endpoint. Allowable Values: - 255 char max - Must be HTTPS - Empty string not allowed |
| Authentication username string required | Username for accessing your webhook endpoint. Allowable Values: 50 char max |
| Authentication password string required | Password for accessing your webhook endpoint. Allowable Values: - 20-50 characters - Must contain at least one numeral - Must contain at least one lowercase letter - Must contain at least one uppercase letter - Must contain at least one of these symbols: @``#``\$``%``!``^``&``*``(``)_``+``~``\\``-``=``[``]``\{``},``;``:``'``"``.``/``<``>``?` |
| Custom headers object optional | Contains information about the webhook’s custom HTTP headers for outgoing calls. Allowable Values: See The config.custom_header object (request). |
To disable a webhook
You have the option of disabling an activated webhook that you do not want to use; you can always reactivate it later on if necessary. It is not currently possible to delete a webhook once it has been created.Select Webhooks in the left-side navigation panel. A list of all the webhooks you have created, regardless of state, is displayed.
Do one of the following:
-
Disable from the summary page of all your webhooks:
- Select a new state for the webhook by making a selection in the State dropdown list.
-
Disable from the selected webhook’s own Details page:
- In the Name column, select the webhook you want to disable. The page refreshes to display details of the selected webhook.
- Select Disable webhook.
- When prompted to confirm your actions, select Disable.
To reactivate a disabled webhook
If you have previously disabled a webhook, you must reactivate it before the Marqeta platform will resume sending event notifications to the specified URL.Select Webhooks in the left-side navigation panel. A list of all the webhooks you have created, regardless of state, is displayed.
Do one of the following:
-
Reactivate from the summary page of all your webhooks:
- Select a new state for the webhook by making a selection in the State dropdown list.
-
Reactivate from the selected webhook’s own Details page:
- In the Name column, select the webhook you want to reactivate. The page refreshes to display details of the selected webhook.
- Select Reactivate webhook.
- When prompted to confirm your actions, select Reactivate.
To update a webhook
Select Webhooks in the left-side navigation panel. A list of all the webhooks you have created, regardless of state, is displayed.
In the Name column, select the webhook you want to update. The page refreshes to display details of the selected webhook.
| Fields | Description |
|---|---|
| Name string required | Descriptive name of the webhook. Allowable Values: 64 char max |
| URL string required | URL of your webhook endpoint. Allowable Values: - 255 char max - Must be HTTPS - Empty string not allowed |
| Authentication username string required | Username for accessing your webhook endpoint. Allowable Values: 50 char max |
| Authentication password string required | Password for accessing your webhook endpoint. Allowable Values: - 20-50 characters - Must contain at least one numeral - Must contain at least one lowercase letter - Must contain at least one uppercase letter - Must contain at least one of these symbols: @``#``\$``%``!``^``&``*``(``)_``+``~``\\``-``=``[``]``\{``},``;``:``'``"``.``/``<``>``?` |
| Custom headers object optional | Contains information about the webhook’s custom HTTP headers for outgoing calls. Allowable Values: See The config.custom_header object (request). |
To manage event listeners
Use the Event listeners tab to specify which Marqeta events you want the selected webhook to listen on. You can add as many or as few events as you need to a webhook, then fine-tune your webhooks as your development progresses. For example, when starting out, you might want your application to listen for all event types. Later on, you might subscribe only to specific transaction events such asauthorization.clearing and authorization.atm.withdrawal.
Select Webhooks in the left-side navigation panel. A list of all the webhooks you have created, regardless of state, is displayed.
In the Name column, select the webhook whose event listeners you want to manage. The page refreshes to display details of the selected webhook.
Select the Event listeners tab. A searchable, hierarchical list of all events you can listen on is displayed.