Keys and authentication
Last updated
Last updated
The API and Secret keys will be provided by our team at the end of the onboarding process.
Please maintain secure custody of credentials and promptly report any issues. The XGateway team is available to assist with any questions or concerns.
The API key is an automatically generated unique identifier used for authorizing API requests.
It is crucial to keep the API key confidential and not share it with unauthorized individuals, as it can be used to access account funds and associated digital assets.
The x-api-key
header should be included to authorize API requests.
The secret key is an automatically generated unique identifier used for creating a hash for callback data verification. This ensures the callback originates from the payment processing system.
It is crucial to keep the secret key confidential and not share it with unauthorized individuals. While it does not provide account access, it should still be protected.
If the secret key is compromised, it could allow fake callbacks and withdrawal requests to be sent to your system. Please keep the secret key secure and confidential.
It is crucial to keep the password confidential and not share it with unauthorized individuals, as it can be used to access account funds and associated digital assets.
To sign in to your back office, you will need the email and password configured during onboarding. You can change your password via the back office after the first sign-in or by contacting the .