PayMongo

PayMongo API Reference

Welcome to the PayMongo developer hub. You'll find comprehensive guides and documentation to help you start working with PayMongo as quickly as possible, as well as support if you get stuck. Let's jump right in!

API Reference    

Authentication

Your API requests to PayMongo API must be authenticated using your account's API keys. An authentication error will be returned if the API key is not provided or invalid.

Every PayMongo account is provided with API keys for testing to try out PayMongo API and for running live requests. Your API keys are available on the Developers module of the dashboard.

Test and live mode

To test our API, you can send API requests in test mode. This means all requests will not process actual payments. The test and live modes function almost the same with a few differences:

  • In test mode, payments are not actually processed by our payment processing providers, and only our test sample data can be used.
  • Some API resources such as sources have a more complicated flow in live mode. It requires more steps than those in test mode.
  • You can only get your live API keys once your account is activated. You can toggle from the left side of your dashboard's sidebar if you want to get your test/live API keys.

Public and Secret keys

Public Key
This API key is solely used to identify your account when calling PayMongo API from the client-side.

Secret Key
If the public key is used from the client-side, the secret key is meant to be kept confidential and only stored on your own servers. Secret API key can perform any API requests to PayMongo without restriction and with access to overall data. Public API key has restricted data for some endpoints.

❗️

Never share your secret keys

Treat your secret keys like your passwords. The best practice is to store the secret key in your server's environment variable and not hardcoded in your codebase. If, for any reason, you believe that your secret keys have been compromised, please contact us immediately at [email protected] so we can revoke the old keys and give you new ones.

We're working on making the regeneration of keys available on the dashboard.

Example of API keys

API Key

Test or Live Mode?

Public or Secret?

pk_live_1vnisVErtpKCmLz92kFnm7zn

live

Public

sk_live_6vyisVErtpKCpLK9hkmT3zgn

live

Secret

pk_test_1vaiknErtpKCpLKnhkaT37gn

test

Public

sk_test_2byzkVErtpKCpLK9hkFT37gn

test

Secret

Authenticate using your API keys

To authenticate your API requests, use HTTP Basic Auth and provide your API key as the basic auth username, encoded in Base64. You can leave the password field empty. Don't worry, it'll be encrypted when sent.

You can try our API Reference section or use an API tool such as Postman to test your API keys.

Updated 7 months ago


Authentication


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.