RukaPay
RukaPay

API Keys

Gateway API keys for x-api-key authentication on /api/v1/gateway endpoints.

Overview

API keys authenticate requests to the Gateway API. Keys are 32–64 character strings, stored hashed server-side. Send via x-api-key header on every request.

Partner auth modes

  • API_KEY_ONLY — only x-api-key required
  • API_KEY_AND_TOKEN — also requires one-time bearer from POST /api/v1/gateway/partners/generate-token

Obtaining keys

  1. Partner account created via Gateway Admin or public signup
  2. API key issued in partner dashboard or admin console
  3. Use sandbox keys against https://dev-api.rukapay.net/api/v1/gateway/process-transfer-sandbox and https://dev-api.rukapay.net/api/v1/gateway/validate-beneficiary-sandbox (see Environments)

Security

  • Never expose keys in mobile or browser code
  • Rotate revoked or compromised keys immediately
  • Use environment variables in production

Getting Started · Authentication