🔑 Sandbox Credentials

Sandbox Authentication

To access the sandbox environment and make API calls, you’ll need to authenticate using your credentials. Here’s how to get started:

Authentication Flow

Required Credentials

Before making any API calls, you’ll need the following credentials:

  • Api Key
  • Secret

Getting an Authentication Token

To get an authentication token, make a POST request to the authentication endpoint:

$curl -X POST 'https://api-sandbox.koywe.com/api/v1/auth/sign-in' \
>-H 'Content-Type: application/json' \
>-d '{
> "apiKey": "your_apiKey",
> "secret": "your_secret"
>}'

Request Parameters

ParameterTypeRequiredDescription
apiKeystringYesYour api key
secretstringYesYour api key secret

Example Response

1{
2 "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
3}

Using the Token

Once you have received the token, include it in the Authorization header of all subsequent API requests:

$curl -X POST 'https://api-sandbox.userow.com/rest/api/v1/payment' \
>-H 'Content-Type: application/json' \
>-H 'Authorization: Bearer your_token_here' \
>-d '{
> // Your request payload
>}'

Token Expiration

The authentication token expires after a certain period (typically 1 hour). When the token expires, you’ll need to make a new authentication request to get a fresh token.

Error Responses

If the authentication fails, you’ll receive an error response:

1{
2 "error": "Invalid credentials",
3 "message": "The provided username or password is incorrect"
4}

Common error scenarios:

  • Invalid api-key or secret
  • Missing required fields
  • Malformed request

Best Practices

  1. Secure Storage: Never store credentials in plain text or commit them to version control
  2. Token Management: Implement proper token storage and refresh mechanisms
  3. Error Handling: Always handle authentication errors gracefully
  4. Environment Variables: Use environment variables for sensitive information

Need Help?

If you encounter any issues with authentication or need help with your credentials, please contact our support team.