API Key Authentication

Every request to the ALPPAY Merchant API must include your account-level API key for basic identification.

1. API-KEY Header

  • Header Name: API-KEY
  • Value Format: your API key string (e.g. ak_live_1234567890abcdef)
  • Where to Find: ALPPAY Dashboard → SettingsAPI Keys

2. Example with cURL

curl https://api.alppay.io/v2/payment \
-X POST \
-H "Content-Type: application/json" \
-H "API-KEY: ak_live_1234567890abcdef" \
-d '{"amount":"250.00","asset":{"short":"USDT","network":"tron"}}'

3. Example in Node.js

import fetch from 'node-fetch';

async function createPayment() {
const response = await fetch('https://api.alppay.io/v2/payment', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'API-KEY': 'ak_live_1234567890abcdef',
},
body: JSON.stringify({
amount: '250.00',
asset: { short: 'USDT', network: 'tron' },
}),
});
const data = await response.json();
console.log(data);
}

createPayment();

4. Example in Python

import requests

url = 'https://api.alppay.io/v2/payment'
headers = {
'Content-Type': 'application/json',
'API-KEY': 'ak_live_1234567890abcdef',
}
payload = {
'amount': '250.00',
'asset': {'short': 'USDT', 'network': 'tron'},
}
resp = requests.post(url, json=payload, headers=headers)
print(resp.status_code, resp.json())

5. Troubleshooting & Errors

  • 401 Unauthorized: invalid or expired API key.
  • 403 Forbidden: your key does not have access to this resource.
  • Tips:
  • Double-check header spelling and key value.
  • Rotate your key in the dashboard if you suspect compromise.
  • For payload integrity, pair with HMAC signature (see “Authentication → HMAC Signature”).

Up next

HMAC Signature Authentication

Explore whether you're living your life or just reacting to everyone else's.