Get Started
Getting API credentials
You can find and manage your API credentials on the Paycashless Dashboard. API credentials are used to authenticate and sign API requests.
Never expose your credentials in client-side code. Keep them in a secure environment with limited access.
Credential Types
Each Paycashless account comes with the following API credentials:
| Credential | Purpose |
|---|---|
| Sandbox API Key | Authenticate test API requests. Used for development. |
| Sandbox Secret Key | Used in test environments to sign API requests. |
| Live API Key | Authenticate live API requests. |
| Live Secret Key | Used in production to sign API requests. |
Request Signing
Every request made to Paycashless APIs must be signed using your API Secret Key. This ensures request authenticity and integrity. Refer to the API Signature Guide for implementation examples.
Rotating Keys
Live secret keys can only be revealed once, so copy and store them securely.
You can rotate keys from the Developer Tools section of the dashboard according to your credential rotation policy or if you think your credentials are compromised.
Best Practices
- Do not share your secret keys with anyone.
- Rotate keys periodically or if you suspect exposure.