Glossary {#vas-smb-settings-glossary} ===================================== A - Active : A status indicating that a user account or API key is currently operational and can be used. Administrator : A user role with full access to all Settings features and the ability to manage other users. API (Application Programming Interface) : A set of protocols that allows different software applications to communicate with each other. API Key : A unique identifier used to authenticate API requests from your systems to the platform. Authentication : The process of verifying the identity of a user or system. C - Certificate Key : An API key type that uses JSON Web Token (JWT) authentication with public-private key pairs. Credential Management : The practice of securely storing and managing passwords, API keys, and other sensitive authentication information. D - Disable : To temporarily deactivate a user account, preventing login while preserving the account data. E - Expired : A status indicating that an API key has passed its expiration date and can no longer be used. H - HTTP Signature Authentication : An authentication method that uses a shared secret to generate and verify request signatures. I - Inactive : A status indicating that a user account has been disabled and cannot be used to log in to the platform. Integration : The connection between the platform and external systems or applications. J - JSON Web Token (JWT) : A compact, URL-safe means of representing claims to be transferred between two parties, used in Certificate key authentication. K - Key ID : A unique identifier for an API key, used in API request headers. Key Rotation : The security practice of periodically generating new API keys and decommissioning old ones. L - Least Privilege : A security principle where users are given only the minimum access rights needed to perform their job functions. M - Merchant ID : A unique identifier for your business account on the platform. P - Permissions : Specific actions or access rights granted to a user role. Public PEM Certificate : A public key certificate in Privacy-Enhanced Mail (PEM) format. R - REST API : Representational State Transfer Application Programming Interface, a web service architecture used for system integrations. Role : A predefined set of permissions that can be assigned to users. S - Shared Secret : An API key type that uses a secret value known to both parties for HTTP signature authentication. Signature : A cryptographic value generated using a secret key to verify the authenticity of an API request. T - Timezone : The geographic region's time standard used for displaying dates and times in the platform. Two-Factor Authentication (2FA) : A security process requiring two different forms of identification to verify a user's identity. U - User : An individual with an account and assigned permissions to access the platform. V - Verification : The process of confirming the validity of contact information (email or phone) by entering a code sent to that address.