Authentication

Our API is based on a single endpoint architecture approach. The specific operations are determined from the requests sent to this endpoint.

1app authenticates your API requests using your account’s API keys. If you do not include your key when making an API request or use one that is incorrect or outdated, 1app returns an error.

API keys

Every account created on 1app has a priviledge to generate two kinds of API keys:

Secret key: This is the most powerful type of key to authorize any action on your 1app account, so it should never be exposed to the public.
Public key: This key can be used for public API call scenarios, such as in front-end JavaScript code (e.g. List banks, Data Plans etc).

To Manage your API Keys;

Create an account on Boldd - https://useboldd.com/
Log in to your account
Navigate to Settings
Select the API Keys/Webhook tab in the Developers section of the menu to view and copy your keys.

Your secret keys are to be kept secret and only stored on your servers, preferably as an environment variable. Do not include them in your GitHub repository, or use them in client-side code.

If for any reason, you believe your secret key has been compromised, you can reset them from the dashboard

Authorizing API calls

All API requests must be made over HTTPS. All API calls to 1app endpoints require authorization. Any requests made without authorization will fail.

Sample Authorization Header

Authorization: "Bearer YOUR_SECRET_KEY"

Authorization: "Bearer YOUR_PUBLIC_KEY"

Authorization: Bearer 1applive_sk_0a21husgdsyda2dbaa329a9876c917

All API requests exist in either test or live mode, and one mode cannot be manipulated by data in the other.

Base URL

Make calls to our API endpoints with this base URL as a prefix https://api.oneappgo.com/v1

PreviousIntroduction NextBalance

Last updated 5 months ago

Was this helpful?