FedaPay authenticates your requests via the API using the API keys of your account. If you don’t include your key when you make a request, or if you use an incorrect or old key, FedaPay will return an error.
Each account is provided with two keys : one for testing and one for live transactions. All requests through the API exist either in test or live mode, and objects (customers, transactions) in one mode cannot be manipulated by objects in the other mode.
There are also two types of API keys: public and secret.
- Secret API keys must be kept confidential and stored only on your own servers. The secret API key of your account can make any API request to FedaPay without restriction.
Get your API keys
Your API keys are available on the dashboard of your account.
Use only your test API keys for testing and development. It prevents you from editing or deleting your real customers or transactions by mistake.
Secure your keys
Your secret API key can be used to perform an operation on behalf of your account. For example, create transactions or make refunds. You should grant access to your API keys only to those who need them. Make sure they do not appear in any version control system you use.
If an API key is compromised, regenerate new keys to block it and make it unusable from your dashboard.
FedaPay has official libraries for different programming languages and mobile platforms.