Authentication

To interact with the SmartpayGenie API, you'll need to authenticate your requests using API keys. These keys are generated in your SmartpayGenie developer portal.

API key authentication

Obtain API Keys:

Navigate to the API Keys section.

Generate a new API key pair.

Include API Keys in Requests:

Server-Side Integration: Include your in the header of your HTTP requests.


    const myHeaders = new Headers();
myHeaders.append("token", "TlAWiePV51isvfuRZEHuCOW1ZDBeDHep2rnosIXHRVGvMwyFTMJZUVCeIneQJJ0h");
myHeaders.append("Content-Type", "application/json");

const raw = JSON.stringify({
  "customerId": "49438567-bc45-494c-b57d-80b41f193de7",
  "currency": "kes",
  "channel": "fiat"
});

const requestOptions = {
  method: "POST",
  headers: myHeaders,
  body: raw,
  redirect: "follow"
};

fetch("https://api.switch.tulupay.com/customer/add-account", requestOptions)
  .then((response) => response.text())
  .then((result) => console.log(result))
  .catch((error) => console.error(error));

    }

Client-Side Integration:

While it's generally not recommended to expose your on the client-side, you might use it for specific scenarios. However, be cautious and implement robust security measures.

Security considerations

Secret Key Security:

Never expose your in client-side code.

Store it securely on your server.

Use environment variables or configuration files to manage API keys.

API Key Rotation:

Regularly rotate your API keys to enhance security.

Revoke old keys and generate new ones.

IP Whitelisting:

Consider using IP whitelisting to restrict access to your API.

Configure allowed IP addresses in your SmartpayGenie developer portal.

By following these guidelines, you can ensure the security of your API interactions and protect sensitive data.

<< PREVIOUS

Quick start

NEXT >>

Integration

TABLE OF CONTENT

Authentication API key authentication Security considerations