Authorization

To interact with the Payfonte API, you need to authenticate your requests. Authorization is required for all API calls to ensure the security and integrity of the payment transactions. Payfonte uses industry-standard authentication mechanisms to protect your account and data. !> ❗️ Security !> We strongly advised that the client-secret should not be used on any frontend application or saved in any frontend application storage as it grants an attacker full access to the client’s data and resources on the platform.

Account Creation

You can create an account in any environment you want to work with. We advise you create a sandbox account for testing purposes only as it doesn’t scale for production workload. PS: Default verification code on sandbox is 4777

Authorization

You can find your client-id and client-secret in the Settings > API Keys/Webhook section. These parameters should be passed in the headers only. The client-secret should not be used on any frontend application as it gives an attacker full access to your platform.

Client ID and Client Secret

Payfonte uses a combination client-id and client-secret keys for authentication. To obtain both keys, you need to create an account with Payfonte and generate your client-id and client-secret from the account settings. The client-secret acts as a secret token that authenticates your requests to Payfonte.

Using the Credentials

To include the client-id and client-secret in your API requests, you should include it as an HTTP header. The exact method for including the client-id and client-secret may vary depending on the API endpoint and the programming language or framework you are using. Here’s an example of including the client-id and client-secret as an HTTP header: 
//header of the request should contain:
curl --request POST \
  --url http://sandbox-api.payfonte.com/... \
  --header 'Content-Type: application/json' \
  --header 'client-id: <client-id>' \
  --header 'client-secret: <client-secret>'
Replace <client-id> with your actual client-id and <client-secret> with your actual client-secret obtained from Payfonte Note: Keep your client-secret secure and do not share it with unauthorized parties. Treat it as a sensitive piece of information to protect the integrity and security of your payment transactions.