Our API is based on a single endpoint architecture approach. The specific operations are determined from the requests sent to this endpoint.
1app authenticates your API requests using your account’s API keys. If you do not include your key when making an API request or use one that is incorrect or outdated, 1app returns an error.
API keys
Every account created on 1app has a priviledge to generate two kinds of API keys:
Secret key: This is the most powerful type of key to authorize any action on your 1app account, so it should never be exposed to the public.
Public key: This key can be used for public API call scenarios, such as in front-end JavaScript code (e.g. List banks, Data Plans etc).
To Manage your API Keys;
Log in to your 1app account Dashboard.
Navigate to Settings
Select the API Keys/Webhook tab in the Developers section of the menu to view and copy your keys.
Your secret keys are to be kept secret and only stored on your servers, preferably as an environment variable. Do not include them in your GitHub repository, or use them in client-side code.
If for any reason, you believe your secret key has been compromised, you can reset them from the dashboard
Authorizing API calls
All API requests must be made over HTTPS. All API calls to 1app endpoints require authorization. Any requests made without authorization will fail.