Authentication

This section explains how to authenticate your requests to the xMoney API.

API keys

xMoney uses API keys to authenticate your requests. You can find your API keys in the xMoney Dashboard. To learn how to locate and manage your API keys, see the Get started guide.

To authenticate your request, you need to include your API key in the Authorization header. The value of the header should be Bearer YOUR_API_KEY.

Here's an example of how to include your API key in a curl request:

curl -X GET \
  https://api-stage.twispay.com/order \
  -H 'Authorization: Bearer YOUR_API_KEY'

Your API keys are secret and should not be shared with anyone. If your API key is compromised, you should regenerate it immediately.

Error response

If your request is not authenticated, you will receive a 401 Unauthorized response.

{
  "code": 401,
  "message": "Unauthorized"
}

Here are some possible reasons why you might receive a 401 Unauthorized response:

You have not included your Private Key in the Authorization header.
You have included an invalid Private Key in the Authorization header.
Your Private Key has been revoked.

If you are receiving a 401 Unauthorized response and you are sure that you are including a valid Private Key in the Authorization header, please contact xMoney support for assistance.

Authentication

API keys

Error response

Was this helpful?