API Documentation

Authentication

Suggest Edits

NetappsPay API authentication process validates the identity of the client attempting to make a connection by using an authentication protocol.

Environments

  • Test Environment: Our test environment allows you to test your integration before going live. In addition, test mode allows you to simulate transactions without involving actual funds, using only test data such as test cards and bank accounts. Please note that the test mode imitates the live mode even though the data involved are faux.

  • Live Environment: Transactions performed on the live mode involve real money and actual transactions. We recommend you use the live mode only when all integrations have been tested and confirmed okay to go live.

📘

Note

Upon creating a NetappsPay account, you are provided with two types of API keys: the test key and the live key. Test keys are exclusively meant for development purposes for a test business, whereas live keys can be employed for live transactions. It is recommended to use the live key only when you are satisfied with the integration.

Secret key: This is the strongest kind of key. It should never be shared with the public because it has the power to authorise any action on your behalf.

Public key: This is the key you'll employ in "public" circumstances, such as front-end JavaScript code (e.g. NetappsPay Integration).

How to get your API key

  • Sign in to your NetappsPay dashboard.
  • On the Dashboard, click the "Api Key/Webhook" menu
  • Click the "Generate New Keys" to generate your API keys.

🚧

Always generate new keys when you feel your secret keys have been exposed to the public such as git repositories.

Authorizing API Calls

📘

Every request made over the NetappsPay APIs is authenticated. Without authorization, any API request will fail with the status code 401: that is Unauthorized. You must pass your secret key as a bearer token from your server to allow API calls, that is passing an Authorization header with a value of "Bearer: YOURSECRET_KEY".

An API call in node.js could look like this:

const response = await got.post(API_URL, {
  headers: {
      Authorization: `Bearer ${SECRET_KEY}`
  },
  json: {
      // Your payload
  }
});

You don't need to manually pass the header if you're using one of our back-end SDKs; instead, you'll provide your keys when the library is initialized.

const Nettpay = require('nettlib');
const np = new Netlib(SECRET_KEY);

Updated over 1 year ago