The StraitsX API allows generation and viewing of API key information through secured endpoints. You can find your API keys on the StraitsX Dashboard Dev Tools page.

🚧
Securing your API Keys
Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

X-XFERS-APP-API-KEY

The app key is used during the Connect API process to:

Create an account
Trigger OTP
Retrieve a User API Token to initiate transfers for your user

Note that this key can be used to retrieve details specific to your account in some API endpoints.

StraitsX Business Dashboard > Dev Tools Tab

X-XFERS-APP-SECRET-KEY

The secret key is used during the Connect API process to generate the signature in the request body.

X-XFERS-USER-API-KEY / User API Token

Note that the user api token is used to initiate API calls specific to your account's users.

Creating a User API token

Creating a User API token is a special task that requires two requests.

1. Connect to a user account

curl --location --request POST 'https://sandbox.xfers.io/api/v3/authorize/signup_login' \
--header 'X-XFERS-APP-API-KEY: t4wsjxpwtk6o9tz20j4baj4ifwibin100py1vrvfsqh' \
--form 'phone_no="+65987654321"' \
--form 'signature="1292a784c0ebd0e1927e0028a975981a793fdd1c"'

curl --location --request POST 'https://www.xfers.io/api/v3/authorize/signup_login' \
--header 'X-XFERS-APP-API-KEY: {{APP_API_KEY}}' \
--form 'phone_no="{{USER_HP_NO}}"' \
--form 'signature="{{SIGNATURE}}"'

2. Get a user account token

curl --location --request GET 'https://sandbox.xfers.io/api/v3/authorize/get_token' \
--header 'X-XFERS-APP-API-KEY: av2x85PgPJ3am93n3Dej7rQ8DN4SaRBX7nkyWyJq-Hc' \
--form 'otp="747156"' \
--form 'phone_no="+6590123456"' \
--form 'signature="8ec34111f61f75c671a844e57c468b21d3b8de84"'

curl --location --request GET 'https://www.xfers.io/api/v3/authorize/get_token' \
--header 'X-XFERS-APP-API-KEY: {{APP_API_KEY}}' \
--form 'otp="{{USER_OTP}}"' \
--form 'phone_no="{{USER_HP_NO}}"' \
--form 'signature="{{SIGNATURE}}"'

Summary of API Keys

All accounts have an app key and secret key for production and live environment. User tokens are created when user account details are submitted.

Environment	API Key	Location
Sandbox	X-XFERS-APP-API-KEY X-XFERS-APP-SECRET-KEY	StraitsX Business Dashboard Toggle to Sandbox Mode Navigate to Dev Tools Tab
Production	X-XFERS-APP-API-KEY X-XFERS-APP-SECRET-KEY	StraitsX Business Dashboard Navigate to Dev Tools Tab
Sandbox/Production	X-XFERS-USER-API-KEY	Retrieve from Get a user account token API

❔
Don't see your API keys? Contact our Support team to generate a sandbox API key for testing.

🚧Securing your API Keys

X-XFERS-APP-API-KEY

X-XFERS-APP-SECRET-KEY

X-XFERS-USER-API-KEY / User API Token

Creating a User API token

1. Connect to a user account

2. Get a user account token

Summary of API Keys

❔

🚧
Securing your API Keys