API Keys | Noxipay — Professional Payment Solutions

API Key Management

API keys are used to authenticate your requests to the Noxipay API. You can find and manage your API keys in your Noxipay dashboard.

Types of API Keys

Public Keys

pk_test_1234567890abcdef pk_live_1234567890abcdef

Used for client-side operations and can be safely exposed in your frontend code.

Secret Keys

sk_test_1234567890abcdef sk_live_1234567890abcdef

Used for server-side operations and must be kept secure. Never expose in client-side code.

Test vs Live Keys

Test Environment

TEST

Keys start with pk_test_ or sk_test_
Use for development and testing
No real money is processed
Test card numbers available

Live Environment

LIVE

Keys start with pk_live_ or sk_live_
Use for production applications
Real money transactions
Requires account verification

Getting Your API Keys

Login to Dashboard

Go to your Noxipay dashboard and log in to your account

Navigate to API Keys

Go to Settings > API Keys in your dashboard

Copy Your Keys

Copy your test and live API keys for use in your application

Using API Keys

Include your API key in the Authorization header of your requests:

                            HTTP Header
                        
                            Authorization: Bearer pk_live_your_api_key_here

SDK Configuration

PHP

                                <?php
$noxipay = new Noxipay('pk_live_your_api_key_here');
                            

JavaScript

                                const noxipay = require('noxipay');
const client = new noxipay('pk_live_your_api_key_here');
                            

Security Best Practices

🔒 Keep Secret Keys Safe

Never commit secret keys to version control or expose them in client-side code

🔄 Rotate Keys Regularly

Generate new API keys periodically and revoke old ones for better security

🌐 Use Environment Variables

Store API keys in environment variables instead of hardcoding them

📝 Monitor Usage

Regularly check your API usage and monitor for any suspicious activity

Key Rotation

For security purposes, you should rotate your API keys regularly:

Generate New Key

Create a new API key in your dashboard

Update Application

Update your application to use the new API key

Test Thoroughly

Test your application to ensure everything works with the new key

Revoke Old Key

Once confirmed working, revoke the old API key

Next Steps

Authentication

Learn how to authenticate API requests

Testing

Test your integration with test keys