What are the API keys and what are they used for?

Smartpay authenticates your API requests using your account's API keys. If you don't include your key when making an API request, Smartpay will return an error.

Every account has separate keys for testing and for running live transactions. All API requests in either test or live mode, and objects in one mode are not compatible for operations with the other mode.

In addition to the keys for test and live modes, there are key types, public and secret keys.

• Public API keys: Not secret information but used solely for identifying your Smartpay account. In other words, you can use them in public places like your Smartpay.js or JavaScript code or on the Android or iPhone app.

• Secret API keys: Need to be handled as secret information and stored only on your own server. Never share your secret API keys with any third parties. Anyone with your secret API keys can perform any API requests to Smartpay without restriction. If Smartpay believes that your secret API key is compromised, we may cancel and reissue it, potentially resulting in an interruption to your Smartpay services.

Every Smartpay merchant has a total of four keys: a public and secret key pair for both test mode and live mode.

Your Smartpay API keys can be found on your Smartpay Dashboard, under the settings > credential page.