authentication
divit uses an API key to authenticate requests. for some public endpoints that allow rapid payment order creation, we also employ a signature key to sign the parameters or payload content. please check the admin-portal branch details page for API-key and signature key settings.
a. API key​
you can generate an API key at the "branch details" page of the divit admin portal. to authenticate an API request, simply include the key in the header:
sample api-key: dvt_rREeGJ4FXp69nQEJ7Arq08stvtacFyPrTzKr
remember, your API keys grant various permissions and should be kept private. avoid sharing your API keys in public spaces like GitHub, client-side code, etc.
b. signature key​
you can assign your own secret signature key value at the "branch details" page of the divit admin portal, under the API keys section, where you will find a "signature key" button.
caution
divit does not keep the original value of your API-Key. ensure your API keys are kept safe and secure.