Skip to main content

Authentication

Secure your API requests with Payvessel’s authentication system. All API requests to Payvessel must be authenticated using your API credentials. This ensures that only authorized applications can access your account and process payments.

🔐 API Key

Your unique identifier for API access

� API Secret

Your secret token for request authentication

Authentication Headers

Include these headers in every API request: 
{
  "api-key": "PVKEY-FNLYA8DW2LGZE6KFI0K4AA7N5JP",
  "api-secret": "Bearer PVSECRET-5LZNFFNT8N9NF6SXUZPWEYQ0Q2Y",
  "Content-Type": "application/json"
}
Keep your credentials secure! Never expose your API secret in client-side code or public repositories.

Environment Details

🧪 Sandbox Environment

The sandbox environment is dedicated to test and development phases. 
https://sandbox.payvessel.com

🚀 Production Environment

The production environment is dedicated to live applications with real connections to institutions. 
https://api.payvessel.com

Key Rotation

Regular key rotation is essential for maintaining security:
1

Generate New Key

Create a new API key in your Payvessel dashboard
2

Update Application

Deploy your application with the new key
3

Test Thoroughly

Verify all functionality works with the new key
4

Revoke Old Key

Disable the old key once the new one is confirmed working

Troubleshooting Authentication

Common causes:
  • Invalid or expired API key
  • Missing Authorization header
  • Key used in wrong environment
Solutions:
  • Verify key format and environment
  • Check header spelling and format
  • Regenerate key if necessary
Common causes:
  • Insufficient permissions for the operation
  • Account not verified for live transactions
  • API key doesn’t have required scopes
Solutions:
  • Check account verification status
  • Verify API key permissions
  • Contact support for scope issues