Skip to main content
The API uses Bearer (Token) Authentication to authenticate requests. The value of this bearer token is a JSON Web Token (JWT), which is passed in the Authorization HTTP header and signed by a private API Key. 
curl -X GET https://api.example.gr4vy.app/transactions \
  -H "authorization: bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIi..."

Create a new API key

To use the API you need to generate a new API key. Please reach out to your Wpay representative who provides you with the API key.
  • Using an SDK
  • Without an SDK
Using an SDK is the most simple way to call and authenticate with the API. When using one of the SDKs to call the API, authentication is handled by the SDK client. Simply initialize the SDK with the private key to handle authentication.

Install a server-side SDK

Use the package manager in the preferred programming language to install the server-side SDK. Token generation can only be done server side and doing this client side is not recommended as it exposes the API key to customers.
dotnet add package Gr4vy
Please always check and install the latest release of the preferred SDK.

Initialize the SDK client

Next, initialize the SDK with the ID of the instance and the private key.
using Gr4vy;
using Gr4vy.Models.Components;
using System.Collections.Generic;

// Loaded the key from a file, env variable, 
// or anywhere else
var privateKey = "..."; 

var sdk = new Gr4vySDK(
    id: "example",
    server: SDKConfig.Server.Sandbox,
    bearerAuthSource: Auth.WithToken(privateKey),
    merchantAccountId: "default"
);
The instance ID is the unique identifier for the deployment of the system and is included in every API call. Together with the environment (sandbox or production) it is used to connect to the right APIs, as well as dashboard.The possible values for your ID are one of wpay, wpay1, wpay2, or wpay3. You are informed in which instance your account has been set up.

Summary

In this step you:
  • Learned about API authentication
  • Created a new private key for the API
  • Used an SDK to authenticate or manually created a token