Skip to content

Authenticating your requests

Authenticating your requests

Bearer Auth

Authenticating your API requests is done by passing your API_KEY in the request's HTTP header as the authorization bearer: Authorization: Bearer <API_KEY>.

curl -X GET \
  '<BASE_URL>/v1/balance' \
  --header 'Accept: */*' \
  --header 'Authorization: Bearer <API_KEY>'

Note

As a convention, API Keys will have in their prefix, the environnment and country for which they are valid. ex : djamo_staging_civ_x28ffh2sd... or djamo_staging_sen_9ruyfsfh... or djamo_production_civ_2332JuedC...

Security

All API requests must be made over HTTPS and authenticated. Calls made over plain HTTP will be rejected. API requests without authentication will also be rejected.

Getting your API key

We currently give access to our Business API to selected partners. If you were selected, you should should have received your staging API key as part of your onboarding.

Rotating your API key

For the moment, your API Key can be rotated by simply contacting Djamo.

Please contact your Djamo Business account manager if you need help with retrieving or rotating your API Key.

Danger

Your API Key can be used to move money from your business account and access other sensitive information. So please, make sure to keep it secure!

Do not share your secret API keys with any third parties, and do not expose it in publicly accessible areas such as GitHub, client-side code, etc...