Authentication
Test Mode vs Live Mode
Authenticate your API calls by including your secret key in the Authorization header of every request you make.
There are two "modes" of operation for your Bank3D account:
- Live Mode: Real money, real transactions, real effects. Only switch to this after you've tested your integration thoroughly.
- Test Mode: No real money is involved. Only our test cards and bank accounts can be used.
API Keys
When you sign up for Bank3D account, you're ..... .
To get your keys:
- start here
in case your keys have been compromised,
If you think your keys have been compromised, you should immediately request for new ones using ....
This will invalidate all existing keys and give you a new set, and you can then update your app to use the new ones.
Authorizing API calls
All API calls on Bank3D are authenticated. API request made without authorization will fail with the status code 401: Unauthorized.
Info
Your secret key can perform any actions on your Bank3D account without restriction. It should be kept confidential and only stored on your servers, preferably as an environment variable.
It should not be included in your Git repository or front-end JavaScript code.
To authorize API calls from your server, pass your secret key as a bear token.
This means passing an Authorization header with a value of "Bearer: YOUR_SECRET_KEY".
for example, an API call should look like this in Node.js
const response = await got.post("https://ibridge.uat.bank3d.ng/v1/rest/Payments/Bulk/New", {
headers: {
Authorization: `Bearer ${process.env.BANK3D_SECRET_KEY}`
},
json: {
// Your payload
}
});
If you're using one of our backend SDKs, you don't need to pass the header manually; instead you'll provide your keys when initialising the library.
//install with npm i netpay-lib
const Netpay = require('netpay-lib');
Updated over 1 year ago