At xPay, we follow the Basic Auth RFC (RFC 7617) standard for authenticating requests made to our API. This ensures secure and straightforward access to the platform.
How Basic Authentication Works
const createHeaders = (username, password) => {
const auth = `${username}:${password}`;
const encodedAuth = Buffer.from(auth).toString("base64");
return {
Authorization: `Basic ${encodedAuth}`,
};
};
// Usage
const headers = createHeaders("<xPay Public Key>", "<xPay Private Key>");
console.log(headers);
// Never expose your API keys in your code or publicly.
// For security purposes, always store your keys in your environment variables.
// Exposing your keys can compromise your xPay account and the security of your transactions.
// The axios library is a popular choice for making HTTP requests in Node.js and supports Basic Authentication natively.
Authorization: Basic <credentials>
<credentials> represents your xPay authentication details — specifically, your xPay Public Key and xPay Private Key. These are combined and Base64 encoded for transmission:
Go through Get Your Keys document to obtain your
xPay authentication keys. Combine Public and Private Keys
Combine the xPay Public Key and xPay Private Key with a colon : separating them, forming this string:<xPay Public Key>:<xPay Private Key>
Encode Credentials Using Base64
Add the Authorization Header
Send the encoded credentials as part of your API request’s Authorization header.
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
This Base64-encoded string represents the combination of username:password, in
your case, the xPay Public Key and xPay Private Key.
Using Postman for API Authentication
To simulate API requests using Postman, follow these steps:
Select Basic Auth in Postman
Navigate to the Authorization tab in Postman. Under the Type dropdown,
select Basic Auth.
Enter API Credentials
- In the Username field, enter your xPay Public Key. - In the
Password field, enter your xPay Private Key.
