Authentication
The StraitsX API uses API keys to authenticate requests. You can view and manage your API keys and secrets on the StraitsX Business Dashboard.
Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
Authentication to the API is performed via HTTP Basic Auth. Provide your API key as the basic auth username value and apply the secret key as the password.
API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
| Header Parameter Name | Instructions | Security Scheme Type |
|---|---|---|
| X-XFERS-APP-API-KEY | You can retrieve this from your StraitsX Business Dashboard | Used during the Connect process to create an account, trigger OTP and retrieve a User API Token |
| X-XFERS-APP-SECRET-KEY | You can retrieve this from your StraitsX Business Dashboard | Used to generate the signature in the request body of the Connect process |
| X-XFERS-USER-API-KEY | You can retrieve this by using the Get a user account token API | Used to perform actions on behalf of a connected user, such as accepting payments from their Personal Account |
Updated over 1 year ago