Skip to main content
API keys authenticate requests to Paygentic. Each key belongs to a specific user and inherits that user’s permissions.

Key Format

Keys are environment-specific:
EnvironmentPrefixBase URLUsage
Sandboxsk_test_api.sandbox.paygentic.ioDevelopment and testing
Livesk_live_api.paygentic.ioProduction
Sandbox keys only work with sandbox endpoints. Live keys only work with production endpoints.

Creating Keys

  1. Login to Paygentic Dashboard
  2. Navigate to Settings → API Keys
  3. Click Create New Key
  4. Name the key descriptively
  5. Copy immediately - it won’t be shown again
Store keys securely. Use environment variables or secret managers, never commit to version control.

Managing Keys

Viewing Keys
  • See all active keys
  • Check creation and last-used dates
  • Identify by descriptive names
  • View partial values (last 4 characters)
Revoking Keys Navigate to Settings → API Keys, find the key, click Revoke. Revocation is immediate - applications using that key will fail authentication.

Usage

Include keys in the Authorization header using Bearer authentication scheme.

Security Practices

Mandatory
  • Never commit keys to git
  • Use environment variables
  • Rotate keys regularly
  • Revoke compromised keys immediately
  • Use sandbox keys for development only
Recommended
  • Separate keys per application
  • Monitor usage to find inactive keys
  • Document which applications use which keys
  • Use descriptive key names

Troubleshooting

Authentication Failures
  • Verify correct key format
  • Check key hasn’t been revoked
  • Confirm environment match (test vs live)
  • Use correct base URL for environment
Permission Errors
  • Verify user permissions for the key
  • Check organization context
  • Contact admin for permission changes