The StraitsX API allows generation and viewing of API key information through secured endpoints. You can find your API keys on the StraitsX Dashboard Dev Tools page.

🚧

Securing your API Keys

Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

X-XFERS-APP-API-KEY

The app key is used during the Connect API process to:

  1. Create an account
  2. Trigger OTP
  3. Retrieve a User API Token to initiate transfers for your user

Note that this key can be used to retrieve details specific to your account in some API endpoints.

StraitsX Business Dashboard > Dev Tools TabStraitsX Business Dashboard > Dev Tools Tab

StraitsX Business Dashboard > Dev Tools Tab

X-XFERS-APP-SECRET-KEY

The secret key is used during the Connect API process to generate the signature in the request body.

X-XFERS-USER-API-KEY / User API Token

Note that the user api token is used to initiate API calls specific to your account's users.

Creating a User API token

Creating a User API token is a special task that requires two requests.

curl --location --request POST 'https://sandbox.xfers.io/api/v3/authorize/signup_login' \
--header 'X-XFERS-APP-API-KEY: t4wsjxpwtk6o9tz20j4baj4ifwibin100py1vrvfsqh' \
--form 'phone_no="+65987654321"' \
--form 'signature="1292a784c0ebd0e1927e0028a975981a793fdd1c"'
curl --location --request POST 'https://www.xfers.io/api/v3/authorize/signup_login' \
--header 'X-XFERS-APP-API-KEY: {{APP_API_KEY}}' \
--form 'phone_no="{{USER_HP_NO}}"' \
--form 'signature="{{SIGNATURE}}"'

curl --location --request GET 'https://sandbox.xfers.io/api/v3/authorize/get_token' \
--header 'X-XFERS-APP-API-KEY: av2x85PgPJ3am93n3Dej7rQ8DN4SaRBX7nkyWyJq-Hc' \
--form 'otp="747156"' \
--form 'phone_no="+6590123456"' \
--form 'signature="8ec34111f61f75c671a844e57c468b21d3b8de84"'
curl --location --request GET 'https://www.xfers.io/api/v3/authorize/get_token' \
--header 'X-XFERS-APP-API-KEY: {{APP_API_KEY}}' \
--form 'otp="{{USER_OTP}}"' \
--form 'phone_no="{{USER_HP_NO}}"' \
--form 'signature="{{SIGNATURE}}"'

Summary of API Keys

All accounts have an app key and secret key for production and live environment. User tokens are created when user account details are submitted.

Environment

API Key

Location

Sandbox

X-XFERS-APP-API-KEY
X-XFERS-APP-SECRET-KEY

  1. StraitsX Business Dashboard
  2. Toggle to Sandbox Mode
  3. Navigate to Dev Tools Tab

Production

X-XFERS-APP-API-KEY
X-XFERS-APP-SECRET-KEY

  1. StraitsX Business Dashboard
  2. Navigate to Dev Tools Tab

Sandbox/Production

X-XFERS-USER-API-KEY

Retrieve from Get a user account token API

❔

Don't see your API keys? Contact our Support team to generate a sandbox API key for testing.


What’s Next
Did this page help you?