Authentication

This section explains how to authenticate your requests to the xMoney Crypto API using API keys.

API keys

To generate the API key for the authentication of requests, head to the Merchant Dashboard (sandbox or production) and in the Organizations tab view and generate your keys. The generated key will have a u_live or u_test prefix in order to be distinguished between our sandbox and production environments, respectively. You will also see the Webhooks secret which you will need to verify the events signature, save it for later.

Here's an example of how to include your API key in a curl request:

curl -X GET \
 https://merchants.api.crypto.xmoney.com/api/stores/orders/ \
  -H 'Authorization: Bearer YOUR_API_KEY'

Your API keys are secret and should not be shared with anyone. If your API key is compromised, you should regenerate it immediately.

Error response

If your request is not authenticated, you will receive a 401 Unauthorized response.

{
  "code": 401,
  "message": "invalid_api_key"
}

Here are some possible reasons why you might receive a 401 Unauthorized response:

You have not included your API Key in the Authorization header.
You have included an invalid API Key in the Authorization header.

If you are receiving a 401 Unauthorized response and you are sure that you are including a valid API Key in the Authorization header, please contact xMoney support for assistance.

Authentication

API keys

Error response

Was this helpful?