Skip to main content

Authentication

The WEpayments API uses API keys to authenticate requests. Each API key is associated with a specific email address that has access to your WEpayments account.

How to Create Your API Key

To create and manage your API keys, follow the detailed instructions in our support center:

API Key Creation Guide

Learn how to create and manage your API keys in the WEpayments dashboard

API Keys

Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth. Important: Each API key is linked to an email address with access to your WEpayments account. Make sure the email has the appropriate permissions for the operations you need to perform.

Types of Keys

  • Public Key: Used for client-side operations
  • Secret Key: Used for server-side operations (keep this secure!)

Making Authenticated Requests

Authentication to the API is performed via HTTP Bearer Authentication. Provide your API key in the Authorization header: 
Authorization: Bearer YOUR_API_KEY

Example Request

curl https://api.wepayments.com/v1/transactions \
  -H "Authorization: Bearer YOUR_API_KEY"

Security Best Practices

Never expose your secret API keys in client-side code, public repositories, or insecure locations.
  • Store API keys in environment variables
  • Use different keys for development and production
  • Rotate keys regularly
  • Implement proper access controls
  • Monitor API usage for suspicious activity

Error Handling

If authentication fails, you’ll receive a 401 Unauthorized response: 
{
  "error": {
    "code": "unauthorized",
    "message": "Invalid API key provided"
  }
}