At xPay, we follow the Basic Auth RFC (RFC 7617) standard for authenticating requests made to our API. This ensures secure and straightforward access to the platform.

How Basic Authentication Works

In Basic HTTP Authentication, your request will contain an Authorization header with the following format:

Authorization: Basic <credentials>

Where <credentials> represents your xPay authentication details — specifically, your xPay Public Key and xPay Private Key. These are combined and Base64 encoded for transmission:

Go through Get Your Keys document to obtain your xPay authentication keys.

1

Combine Public and Private Keys

Combine the xPay Public Key and xPay Private Key with a colon : separating them, forming this string:<xPay Public Key>:<xPay Private Key>

2

Encode Credentials Using Base64

3

Add the Authorization Header

Send the encoded credentials as part of your API request’s Authorization header.

For example, a typical Authorization header would look like:

Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

This Base64-encoded string represents the combination of username:password, in your case, the xPay Public Key and xPay Private Key.

Using Postman for API Authentication

To simulate API requests using Postman, follow these steps:

1

Select Basic Auth in Postman

Navigate to the Authorization tab in Postman. Under the Type dropdown, select Basic Auth.

2

Enter API Credentials

  • In the Username field, enter your xPay Public Key. - In the Password field, enter your xPay Private Key.

Postman will automatically handle the Base64 encoding and include the Authorization header in your requests.

Was this page helpful?

API IntroductionPayment Statuses