Authentication
All API requests are executed in the context of a specific account (e.g. admin, owner, user, public, etc.).
API endpoints have certain access restrictions assigned to each role that limit who can access them. A few selected API endpoints are completely open and word-reachable, but most require you to authenticate.
There are two ways to authenticate with the API that we'll explain in the following sections.

API Keys

The most common way to use the API is with an API Key.
An API Key can be defined from within PayEngine console at API / API Keys. You can define as many API Keys as you want.
To use an API Key, send an Authorization header in the format of Basic you-api-secret-key . That's the constant string Basic followed by a space, followed by the API Secret Key as it appears the first time when you create it in the dashboard.
Here is an example call made to the /api/merchant endpoint:
1
curl -H "Authorization: Basic 770abfed66889cf64755171faa056c8416f09b8a5224f442f8f286a77fc49ba97195f0b3cd3359fa46cc2a9a63ca999c546184a2a78b" \
2
https://<payengine-dev-endpoint>/api/merchant
Copied!
Your API Keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

API Tokens

Being updated...
Last modified 3mo ago
Copy link