const createHeaders = (username, password) => {
  const auth = `${username}:${password}`;
  const encodedAuth = Buffer.from(auth).toString("base64");
  return {
    Authorization: `Basic ${encodedAuth}`,
  };
};

// Usage
const headers = createHeaders("<xPay Public Key>", "<xPay Private Key>");
console.log(headers);

// Never expose your API keys in your code or publicly.
// For security purposes, always store your keys in your environment variables.
// Exposing your keys can compromise your xPay account and the security of your transactions.

// The axios library is a popular choice for making HTTP requests in Node.js and supports Basic Authentication natively.

At xPay, we follow the Basic Auth RFC (RFC 7617) standard for authenticating requests made to our API. This ensures secure and straightforward access to the platform.

How Basic Authentication Works

const createHeaders = (username, password) => {
  const auth = `${username}:${password}`;
  const encodedAuth = Buffer.from(auth).toString("base64");
  return {
    Authorization: `Basic ${encodedAuth}`,
  };
};

// Usage
const headers = createHeaders("<xPay Public Key>", "<xPay Private Key>");
console.log(headers);

// Never expose your API keys in your code or publicly.
// For security purposes, always store your keys in your environment variables.
// Exposing your keys can compromise your xPay account and the security of your transactions.

// The axios library is a popular choice for making HTTP requests in Node.js and supports Basic Authentication natively.

In Basic HTTP Authentication, your request will contain an Authorization header with the following format:

Authorization: Basic <credentials>

Where <credentials> represents your xPay authentication details — specifically, your xPay Public Key and xPay Private Key. These are combined and Base64 encoded for transmission:

Go through Get Your Keys document to obtain your xPay authentication keys.

1

Combine Public and Private Keys

Combine the xPay Public Key and xPay Private Key with a colon : separating them, forming this string:<xPay Public Key>:<xPay Private Key>

2

Encode Credentials Using Base64

3

Add the Authorization Header

Send the encoded credentials as part of your API request’s Authorization header.

For example, a typical Authorization header would look like:

Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

This Base64-encoded string represents the combination of username:password, in your case, the xPay Public Key and xPay Private Key.

Using Postman for API Authentication

To simulate API requests using Postman, follow these steps:

1

Select Basic Auth in Postman

Navigate to the Authorization tab in Postman. Under the Type dropdown, select Basic Auth.

2

Enter API Credentials

  • In the Username field, enter your xPay Public Key. - In the Password field, enter your xPay Private Key.

Postman will automatically handle the Base64 encoding and include the Authorization header in your requests.