This guide applies when you connect Adyen as your own processor through Bring Your Own Processor (BYOP). Talk to us if you need help.
Enable raw card data access
Before Dodo can route payments through Adyen, your Adyen account needs raw card data access enabled. Adyen gates this behind PCI DSS compliance. Because Dodo Payments handles the raw card data on your behalf and is PCI DSS Level 1 compliant, you provide Dodo Payments’ Attestation of Compliance (AOC) to Adyen — you don’t need your own certification.Dodo Payments PCI DSS Attestation of Compliance (AOC)
Download Dodo Payments’ current AOC and submit it to Adyen support to enable raw card data access.
What you’ll need
To connect Adyen in Settings → BYOP, gather three values from your Adyen Customer Area:| Value | Where it comes from |
|---|---|
| API key | Developers → API credentials |
| Merchant Account | Your Adyen merchant account identifier |
| HMAC key | Generated when you set up the webhook |
Adyen keeps test (
ca-test.adyen.com) and live (ca-live.adyen.com) credentials separate. Generate credentials in the environment that matches the mode you’re configuring in Dodo.Step 1: Generate an API key
Open API credentials
In the Adyen Customer Area, go to Developers → API credentials. You need the Manage API credentials or Merchant admin role.
Select your credential
Choose the Payments tab and select your credential username (it looks like
ws_123456@Company.YourCompanyAccount).Generate the key
Go to Server settings → Authentication, open the API key tab, and select Generate API key.
Step 2: Find your merchant account
Your merchant account is the account identifier Adyen uses to process your transactions. It’s shown in the account selector at the top of the Customer Area (for example,YourCompany_ECOM). You’ll paste this into the Merchant Account field in Dodo.
Step 3: Set up the webhook and HMAC key
Dodo generates a Webhook Endpoint URL when you save the Adyen connection. Add it as a webhook in Adyen and generate an HMAC key. You need the Merchant admin or Merchant technical integrator role.Create a webhook
In the Customer Area, go to Developers → Webhooks and select Create new webhook. From the list, select Add for the Standard webhook type.
Configure the webhook
- Enter a Description.
- Toggle Enabled to activate it.
- Under Server configuration, paste the Webhook Endpoint URL that Dodo generated into the URL field (it must be HTTPS and publicly accessible).
Generate the HMAC key
Under Security, in the HMAC Key section, select Generate to create a new HMAC key. Copy it and store it securely; you won’t be able to copy it again later. Then select Save configuration.
Frequently asked questions
What is the HMAC key for?
What is the HMAC key for?
Adyen signs every webhook with an HMAC signature so the receiver can verify the notification’s integrity and origin. Dodo uses the HMAC key you provide to validate webhooks from your Adyen account.
I lost my API key or HMAC key, what now?
I lost my API key or HMAC key, what now?
Neither can be retrieved after creation. Generate a new API key under Developers → API credentials, or a new HMAC key in the webhook settings, then update the value in Settings → BYOP.
Do test and live use the same credentials?
Do test and live use the same credentials?
No. Generate credentials in the matching environment, test (
ca-test.adyen.com) or live (ca-live.adyen.com), and configure them in the corresponding mode in Dodo.