Skip to main content

Introduction

The purpose of this document is to provide a comprehensive guide to offer detailed insights into our API environments, and Authentication methods to be used at the time of integration.

1. Environment

1.1. Testing (Sandbox)

Before integrating with the live production system, you have the option to test features on our dedicated test server. Access sample data and simulated transactions to ensure a smooth and error-free integration process. Experiment with the functionalities in a controlled environment before deploying to the production system for a seamless experience.

Base URL for Sandbox https://test.xprizo.com/api

1.2 Production (Live)

Once you have completed your testing phase, you can transition to the live environment by directing your system to the production server.

Base URL for Live https://wallet.xprizo.com/api

2. Authentication

Xprizo employs JWT tokens and API keys as authentication methods for accessing API functions. You have the flexibility to choose either authentication method when interacting with the endpoints. You need to pass a JWT token or API key in the header of each request.

** You need to use a processing profile to create a token or key to use all API endpoints.

2.1. JSON Web Tokens (JWT)

2.1.1. Creating a Token

Creating a token is done by calling the GetToken endpoint with your username and password. If you are not a registered user you can register by going to the Sandbox or Live server.

Log in to the system using a username and password. You will receive back a JWT Bearer token that you will need to make secure API requests.

Request:

curl --location '{baseurl}/Security/GetToken' \
--header 'accept: text/plain; x-api-version=1.0' \
--header 'x-api-version: 1.0' \
--header 'Content-Type: application/json; x-api-version=1.0' \
--data-raw '{
  "userName": "use username, mobile number to email",
  "password": "your password"
}'

Response:

{
  "id": <a unique Id>,
  "token": <use this token for furture calls>,
  "expires": <the time the token expires>
}

2.1.2. Usages of Token

Use this token in the header of all secure requests to other endpoint

curl -X 'GET' \
  '{baseurl}/Wallet/Info?contact=1' \
  -H 'accept: text/plain' \
  -H 'Authorization: bearer <token>

2.2. API Keys

2.2.1. Creating an API Key

To configure your API key, access your User Account, navigate to 'settings' by clicking the profile icon, and locate 'security' in the list. Within the security settings, you will find an option to set the API key. It's important to note that if the API key is removed, a new key must be issued and utilized for transactions.

Screenshot 2024-01-22 213458.png

2.2.2. Usages of API Key

Use the API key in the header in the following way.

curl --location --request GET '{baseurl}/Wallet/Info?contact={username/emailid/mobilenumber}&currencyCode={currencyCode}' \
--header 'Accept: text/plain; x-api-version=1.0' \
--header 'x-api-version: {apiversion}' \
--header 'x-api-key: {apikey}'


2.3. Know your account ID

To submit deposits for processing, you will need your accountId (wallet ID) from your account. You can find this by the following process, login to your account and open settings, find ‘wallet’ on the list and you will find an ID associated with the wallet of required currency. If a wallet doesn’t exist, you will be required to create one by clicking the Add.png button.