Authentication

The StraitsX API uses API keys to authenticate requests. You can view and manage your API keys and secrets on the StraitsX Business Dashboard.

Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

Authentication to the API is performed via HTTP Basic Auth. Provide your API key as the basic auth username value and apply the secret key as the password.

API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.

Header Parameter Name

Instructions

Security Scheme Type

X-XFERS-APP-API-KEY

You can retrieve this from your StraitsX Business Dashboard

Used during the Connect process to create an account, trigger OTP and retrieve a User API Token

X-XFERS-APP-SECRET-KEY

You can retrieve this from your StraitsX Business Dashboard

Used to generate the signature in the request body of the Connect process

X-XFERS-USER-API-KEY

You can retrieve this by using the Get a user account token API

Used to perform actions on behalf of a connected user, such as accepting payments from their Personal Account


Did this page help you?