Retrieve Application Keys

Application keys are unique to your merchant account.

Applications keys are what uniquely identifies your merchant account when integrating. Service delivery and issue resolution are all dependent on these keys. There are 2 categories of keys under your merchant account settings

General Keys

Public Key

This is a unique identifier of your merchant account. It is required to make every API request to the platform

‚Äč

Secret Key

This is uniquely assigned to your merchant account. It is required to make every API request to the platform that requires authentication. Both the Public and Secret Key have to be included in the API request where authentication is mandatory.

Header: secret-key

When making API requests that need authentication, the secret key should be provided using a header secret-key

e.g"secret-key: SECK-83he8237gju3yg2i3"

Generating keys

If you haven't generated your Application keys already, the button to generate them will display on your account dashboard as soon as you select your merchant account at login.

Retrieving Keys

If you have already generated them;

  1. Click settings from the side menu of your account.

  2. Got to API Settings and you will see your public key.

NOTE We do not display your secret key under your account because we do not store it in plain text. Once you have generated it on request, we encrypt and store only the encrypted version of it. When you later include it in your authenticated API requests, we encrypt the one you send us and compare it with the encrypted version stored on our side.

Re-Generate Keys

To re-generate your keys, you will need to go to > settings > API Settings under your merchant account > Click the edit(pencil icon) button > Click Generate Button

Only the secret key will be re-generated and replaced with the older one. You must copy the newly generated key all the time before clicking the green save button as you will not be able to see it again. You will need to re-generate a new one whenever it's misplaced or compromised since it's used as the API password to your merchant account during API request authentication.