The current version of the PHP-SDK can be found at or by Composer / Packagist under the name secucard/secucard-connect.

Some sample code for using the PHP-SDK can be found at

Additional documentation is available at

Configure the SDK

In the SDK is a generic configuration for the production system included. This configuration doesn't need to be changed in the most use cases. You can load the default configuration as follows:

$config = new ApiClientConfiguration();

For the test mode, it is however necessary to override this default configuration. For example is it's necessary to change the API-Endpoint and some more logging information want to be activated.

// Define the required config params
$config = ApiClientConfiguration::createFromArray([
    'base_url' => '', // demo server
//    'base_url' => '', // live
    'debug'    => false // TODO Set to TRUE to display the http client logs


To authenticate against the API, it's necessary to pass some so-called "credentials" (access data). There are different types of credentials, f.e. "ClientCredentials" or "DeviceCredentials". The type "ClientCredentials" is intended for common web solutions, like e-commerce systems. This type consists of a "Client-ID" (user ID) and an associated "Client-Secret" (password). Entering these credentials is exemplified in the following code example.

// Create a dummy value storage
$store = new DummyStorage();

// Create credentials storage
$clientId = '09ae83af7c37121b2de929b211bad944'; // TODO Add your secucard client id (current length: 32 chars)
$clientSecret = '9c5f250b69f6436cb38fd780349bc00810d8d5051d3dcf821e428f65a32724bd'; // TODO Add your secucard client secret (current length: 64 chars)
$cred = new ClientCredentials($clientId, $clientSecret);

The statement "$store = new DummyStorage();" defines the storage in which the session data will be stored. This is necessary because the ClientCredentials will be only used for the initialization of a session. Each additional call is authenticated by a kind of session token. For details, see

Public test accounts

This following credentials are valid only for the server and can be used for a first test by you. Once you have took out a contract with us, you will be receive your own credentials. These individual credentials you can then use usually for all of our servers (test and live).

Client-ID: 09ae83af7c37121b2de929b211bad944

Client-Secret: 9c5f250b69f6436cb38fd780349bc00810d8d5051d3dcf821e428f65a32724bd

Enabled Features:

  • Payment method: invoice (demo)
  • Payment method: direct debit (demo)
  • Payment method: prepay (demo)
  • Payment method: credit card (demo)
  • Payment method: sofort (demo)
  • Subscription (from existing transactions)
  • Refund via API (for prepay only)
  • Creation of a subcontract

Initialization of the SDK

After all data (configuration, cache for the session data and access data) are specified, the client can be initialized:

// Create a dummy logger, replace by your own (like monolog)
$logger = new Logger(fopen("php://stdout", "a"), false); // TODO Set to TRUE to display the sdk logging stuff

// Initialize the SecucardConnect client
$secucard = new SecucardConnect($config, $logger, $store, $store, $cred);