API Portal: Manage API Keys and Webhooks
An app for managing Request Network API keys and webhooks.
Last updated
Was this helpful?
An app for managing Request Network API keys and webhooks.
Last updated
Was this helpful?
The Request Network API Portal provides app developers with a platform to securely manage their API keys and webhook endpoints.
Create and Manage API Keys: Users can create new API keys for authentication.
Toggle and Delete API Keys: API keys can be toggled on and off, or deleted if no longer needed, enhancing control over API access.
Security Guidelines: API keys are sensitive and should never be shared publicly. In case of compromise, users are advised to create a new key, update their code, and delete the compromised key.
Multiple Keys: Allows the creation of multiple API keys for different environments or applications.
Create and Manage Webhooks: App developers can configure webhook endpoints to receive real-time notifications for payment events.
Security Guidelines: Each webhook request includes a signature in the `x-request-network-signature` header to ensure authenticity.
Signature Verification: The signature is a SHA-256 HMAC of the request body, signed using the webhook secret.
Example Verification Code:
Navigate to the "API Keys" section.
Click on "Create new key."
Store the key securely and never share it publicly.
Navigate to the "Webhooks" section.
Click on "Add webhook."
Enter the endpoint URL and ensure the endpoint is secure and can handle incoming JSON payloads.
Keep API keys and webhook secrets secure. Never expose them in public repositories or client-side code.
Verify all webhook signatures to ensure authenticity and integrity.
Use HTTPS for all endpoints to encrypt communication.
