Authentication

Getting your API Key

To access your API keys:

Log in to the Walapay Dashboard using your account credentials.
Navigate to the API Management tab.
Locate the API keys section. Here, you'll find your API key.

Upon obtaining your API keys, it's crucial to implement practices that ensure their security:

Never expose your API keys in publicly accessible areas such as client-side code (e.g., JavaScript within web browsers), public repositories, or forums. Exposure can lead to unauthorized access to your Walapay account, potentially compromising your transactions and data.
Store your API keys securely on your server, using environment variables or a secure secrets management service. Ensure that only authorized personnel within your organization have access to these keys.
Regularly rotate your API keys through the Walapay Dashboard to minimize the risk of old keys being misused. Inform your team about key rotations to avoid disruptions in your application's functionality.
All API calls should be made from your server's backend. This practice prevents exposure of sensitive information to the client side, where it can be more easily intercepted or manipulated by malicious actors.

Using your API Key in a Request

Any request that doesn't include an API key in the headers will return an error.

Example Request

curl -v -X POST https://sandbox-api.walapay.io/v1/payments/<entityId> \
-H 'Content-Type: application/json' \
-H 'X-Api-Key: OLQiCyqOpVwigKQQDu3CYlamZ1KTKQmhrbAZK85RIy4IiWh9d_up_lTadp_lfXdV' \
-H 'X-Idempotency-Key: 183uy098hf02h480hf02h2084hf02h2084hf02h' \
-d '{
  ....
}'