> For the complete documentation index, see [llms.txt](https://docs.2checkout.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.2checkout.com/channel-manager-api/channel-manager-api/api-2.1/soap-2.1/authentication.md).

# Authentication

### Authentication

Last updated: 03-Sep-2025

### Overview

Use the **login** method for the authentication process in the 2Checkout system.

### Parameters

| Parameters       | Type/Description                                                                                                                                          |
| ---------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **merchantCode** | <p><strong>required (string)</strong><br>Your merchant identifier (received from 2Checkout).</p>                                                          |
| **date**         | <p><strong>required (string)</strong><br>UTC ISO Date format (e.g. 2010-01-01 12:13:14)</p>                                                               |
| **hash**         | <p><strong>required (string)</strong><br>Calculated HMAC\_SHA256 signature based on MerchantCode and Date, using your secret key (see example below).</p> |

### Response

| Parameter     | Type/Description                                                                                                                                           |
| ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **sessionID** | <p><strong>string</strong><br>Session identifier string. An exception will be thrown if the values are incorrect. The sessionID expires in 10 minutes.</p> |

### Request

To create the HMAC\_SHA256 source string use your merchant code (available here: <https://secure.2checkout.com/cpanel/account\\_settings.php>) and the date of the request, prefixing them with the length in bytes of each respective value, along with your account’s secret key (for UTF-8 characters the length in bytes might be longer than the string length). For example:

| Parameters                                                                                   | Type/Description                                                     |
| -------------------------------------------------------------------------------------------- | -------------------------------------------------------------------- |
| **merchantCode**                                                                             | <p><strong>Avangate</strong><br>8AVANGATE</p>                        |
| **date**                                                                                     | <p><strong>2010-05-13 12:12:12</strong><br>192010-05-13 12:12:12</p> |
| **HMAC source string**                                                                       | 8AVANGATE192010-05-13 12:12:12                                       |
| **Secret key**                                                                               | SECRET\_KEY                                                          |
| **Calculated HMAC\_SHA256 signature based on MerchantCode and Date, using your secret key:** | bf763db7d333e9c3038698cf59ada3e6                                     |

### Request Example

{% code title="login.php" %}

```php
<?php

$host = "https://api.avangate.com/channel-manager";

$merchantCode = "YOUR_MERCHANT_CODE";// your account's merchant code available in the 'System settings' area of the Control Panel: https://secure.2checkout.com/cpanel/account_settings.php
$key = "YOUR_SECRET_KEY";// your account's secret key available in the 'System settings' area of the Control Panel: https://secure.2checkout.com/cpanel/account_settings.php
$algo = "sha256";
$now = date('Y-m-d H:i:s'); //date_default_timezone_set('UTC')

$string = strlen($merchantCode) . $merchantCode . strlen($now) . $now;
$hash = hash_hmac($algo, $string, $key);

try {
    $client = new SoapClient($host . "/2.1/soap/?wsdl", [\
        'location'       => $host . "/2.1/soap/",\
        "stream_context" => stream_context_create([\
            'ssl' => [\
                'verify_peer'      => false,\
                'verify_peer_name' => false\
            ]\
        ])\
    ]);
    $sessionID = $client->login($merchantCode, $now, $hash, $algo);
    echo("Token: {$sessionID}" . PHP_EOL);
} catch (SoapFault $e) {
    echo("Error: {$e->getMessage()}" . PHP_EOL);
}

?>
```

{% endcode %}

### Errors

| Error                  | Description           |
| ---------------------- | --------------------- |
| AUTHENTICATION\_FAILED | Authentication failed |
| FORBIDDEN              | Forbidden area        |

### Related documentation

* Products and subscriptions listing query parameters: <https://verifone.cloud/docs/2checkout/Documentation/myAccount/Products-and-subscriptions-listing-query-parameters>
* Subscriber management and self-service: <https://verifone.cloud/docs/2checkout/Documentation/Subscription-Billing/03Subscriber-management-and-self-service>
* Contracts: <https://verifone.cloud/docs/2checkout/Documentation/Subscription-Billing/01Subscription-Billing-Set-up/03Contracts>

{% hint style="info" %}
Need help? If you didn’t find the answer in our documentation, contact our [Support](https://verifone.cloud/support) teams for more information. For technical issues or questions, please contact support — they are happy to help.

Get in touch: <https://verifone.cloud/need-help>
{% endhint %}

Not yet a Verifone customer? We’ll help you choose the right payment solution for your business. Contact sales: <https://www.verifone.com/en/global/contact-sales>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.2checkout.com/channel-manager-api/channel-manager-api/api-2.1/soap-2.1/authentication.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.