All API requests are executed in the context of a specific account (e.g. admin, owner, user, public, etc.).
API endpoints have certain access restrictions assigned to each role that limit who can access them. A few selected API endpoints are publicly available, but most require you to authenticate.

API Keys

The common way to use the API is with an API Key. An API Key can be defined from within PayEngine console by navigating to API -> Manage Keys section. You can create as many API Keys as you need and all of them can be active at the same time.
To use an API Key, send an Authorization header in the format of Basic <your-api-secret-key> . That's the constant string Basic followed by a space, followed by the API Secret Key as it appears the first time when you create it in the dashboard.
Here is an example call made to the /api/merchant endpoint:
curl -H "Authorization: Basic 770abfed66889cf64755171faa056c8416f09b8a5224f442f8f286a77fc49ba97195f0b3cd3359fa46cc2a9a63ca999c546184a2a78b" \
Your API Keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code and published documents.
Copy link