Skip to main content

Authentication

This guide walks you through the process of setting up API credentials for our service, including whitelisting IPs and generating API keys.

Accessing Your API Dashboard

  1. Log in to your account dashboard
  2. Navigate to the Settings section
  3. Select the Developer tab

Setting Up API Access

Step 1: Whitelist Your IP Address

Before you can use the API, you need to whitelist the IP addresses that will make API calls:

  1. In the Developer page, locate the Whitelist IPs section
  2. Click the Add New IP button
  3. Enter the IP address from which you'll make API requests
  4. Select the service type (Recharge, Bill Payment, Smart Payouts)
  5. Save your changes

Step 2: Generate API Keys

After whitelisting your IP address:

  1. Scroll down to the API Key section
  2. Click the Generate Key button
  3. Select the service you need access to
  4. Once generated, you'll receive two credentials:
    • Client ID: Visible in your dashboard
    • Client Secret: Provided once during key generation
caution

Keep your Client Secret safe and secure. It will only be shown once during generation.

Using Your Credentials

Authentication Method

Our API uses Basic Authentication:

Authorization: Basic <base64-encoded-credentials>

Where the credentials are formatted as:

  • Username: Your Client ID
  • Password: Your Client Secret

Code Example

const apiRequest = async () => {
  const clientId = 'your_client_id';
  const clientSecret = 'your_client_secret';
  
  // Create Basic Auth header by encoding clientId:clientSecret in base64
  const authString = Buffer.from(`${clientId}:${clientSecret}`).toString('base64');
  
  const response = await fetch('https://api.example.com/endpoint', {
    method: 'POST',
    headers: {
      'Authorization': `Basic ${authString}`,
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({
      // Your request data
    })
  });
  
  const data = await response.json();
  return data;
};

Step 3: Set Up Webhook URL (Optional)

If your integration requires webhooks:

  1. During API key generation, you'll be prompted to add your webhook URL
  2. Enter the full URL where you want to receive notifications
  3. Ensure this endpoint is publicly accessible and can handle POST requests

Security Best Practices

  1. Never share your Client Secret in client-side code or public repositories
  2. Regularly rotate your API keys for enhanced security
  3. Use environment variables to store credentials in your application
  4. Implement proper error handling for authentication failures
  5. Only whitelist the IP addresses that absolutely need API access

Support

If you encounter any issues with API authentication, please contact our support team at support@example.com or open a support ticket from your dashboard.