🔑 Sandbox Credentials

Sandbox Authentication

To access the sandbox environment and make API calls, you’ll need to authenticate using your credentials. Here’s how to get started:

Authentication Flow

Required Credentials

Before making any API calls, you’ll need the following credentials:

• Api Key
• Secret

Getting an Authentication Token

To get an authentication token, make a POST request to the authentication endpoint:

$
curl -X POST 'https://api-sandbox.koywe.com/api/v1/auth/sign-in' \
>
-H 'Content-Type: application/json' \
>
-d '{
>
  "apiKey": "your_apiKey",
>
  "secret": "your_secret"
>
}'

Request Parameters

Example Response

1
{
2
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
3
}

Using the Token

Once you have received the token, include it in the Authorization header of all subsequent API requests:

$
curl -X POST 'https://api-sandbox.userow.com/rest/api/v1/payment' \
>
-H 'Content-Type: application/json' \
>
-H 'Authorization: Bearer your_token_here' \
>
-d '{
>
  // Your request payload
>
}'

Token Expiration

The authentication token expires after a certain period (typically 1 hour). When the token expires, you’ll need to make a new authentication request to get a fresh token.

Error Responses

If the authentication fails, you’ll receive an error response:

1
{
2
  "error": "Invalid credentials",
3
  "message": "The provided username or password is incorrect"
4
}

Common error scenarios:

• Invalid api-key or secret
• Missing required fields
• Malformed request

Best Practices

1. Secure Storage: Never store credentials in plain text or commit them to version control
2. Token Management: Implement proper token storage and refresh mechanisms
3. Error Handling: Always handle authentication errors gracefully
4. Environment Variables: Use environment variables for sensitive information

Need Help?

If you encounter any issues with authentication or need help with your credentials, please contact our support team.