We want to ensure your brand security by preventing the unauthorised use of your API Keys and misuse of the payment window on unauthorised websites. In order to do this, when creating an API Key, we require a list of permitted URLs.

Permitted URLs are essentially a whitelist of URLs which you authorise to display your payment form.

If the payment form is included in a website which you have not authorised, the user will be shown the message "Unfortuantely, we cannot accept online payments directly at the moment" and the form will not load.

If you find a page, which you believe should have been authorised displaying this message, then ensure that the URL is correctly assigned to the API Key used to access and load the payment form. You can add and edit permitted URLs here, by selecting to edit the API Key concerned.

Please note that https://tascuro.com and https://www.tascuro.com are considered as two different URLs even though they most likely display the same page. If your payment form can be accessed via www. and without, please ensure that both versions of the address are listed under Permitted URLs.