Authentication
Secure your API requests using Bearer Tokens and learn how to manage your Merchant Credentials.
SamaPay uses API Keys to authenticate requests. You can view and manage your API keys in the Merchant Dashboard.
Authentication Flow
Every request to the SamaPay API must include an Authorization header.
Loading Flow...
Security Best Practices
Never expose your Secret Key on the frontend. Always make API calls from your backend server. Use your Public Key for frontend-only operations like the checkout widget.
Key Types
| Key Prefix | Usage | Environment |
|---|---|---|
pk_test_ | Frontend Checkout | Sandbox / Testing |
sk_test_ | Backend API | Sandbox / Testing |
pk_live_ | Frontend Checkout | Production |
sk_live_ | Backend API | Production |
1
Generate Keys
Visit Settings > API Keys in your dashboard to generate your integration credentials.
2
Set Environment Variables
Store your keys securely. We recommend using .env files and never committing them to version control.