Introduction

API Reference Guide

API Changelog

Understand Razorpay APIs

Authentication

Sandbox Setup

Best Practices

Glossary

Payments

Orders

Payments

Downtime

Settlements

Instant Settlements

Refunds

Disputes

Documents

Customers

Payment Links

QR Codes

Invoices

Subscriptions

Route

Smart Collect

Smart Collect With TPV

Smart Collect 2.0

TPAP Pro

Customer Onboarding

Accounts Management

Payments

Mandates Flow

Bills

About Bills

Bills Entity

Create a Bill

Update a Bill

Delete a Bill

Partners

Account

Product Configuration

Stakeholder

Documents

Webhooks

Payout APIs

Get Started

Account Validation

Fetch Balance

Composite Account Validation

Contacts

Fund Accounts

Payouts

Payouts to Cards

Payout Composite

Payouts Approval

Payout Idempotency

Payout Links

Payout Wallet - Amazon

Transactions

Custom Payment Links

Postman Collection

Implement Thematic Changes in Payment Links Checkout Section

Change Business Name and Description

Customize Payment Methods

Prefill Checkout Fields

Rename Labels in Checkout Section

Advanced Options

Receive Payments via Bank Transfer

Offers on Payment Links

Managing Reminders for Payment Links

Perform Third-Party Validation Using Payment Links

Transfer Payments Received Using Payment Links

Api

Authentication

API Authentication

Authentication process for Razorpay APIs.

Check how to authenticate the APIs.

API Authentication

All Razorpay APIs are authenticated using Basic Auth. Basic auth requires the following:

  • [YOUR_KEY_ID]
  • [YOUR_KEY_SECRET]

Basic auth expects an Authorization header for each request in the Basic base64token format. Here, base64token is a base64 encoded string of YOUR_KEY_ID:YOUR_KEY_SECRET.

Watch Out!

The Authorization header value should strictly adhere to the format mentioned above. Invalid formats will result in authentication failures. Few examples of invalid headers are: BASIC base64token, basic base64token, Basic "base64token" and Basic $base64token.

Generate API Keys

You can generate API Keys from the Dashboard.

Follow these steps to generate API keys:

  1. Log in to your Dashboard with the appropriate credentials.
  2. Select the mode (Test or Live) for which you want to generate the API key.
    • Test Mode: The test mode is a simulation mode that you can use to test your integration flow. Your customers will not be able to make payments in this mode.
    • Live Mode: When your integration is complete, switch to live mode and generate live mode API keys. In the integration, replace test mode keys with live mode keys to accept customer payments.
  3. Navigate to Account & SettingsAPI Keys (under Website and app settings) → Generate Key to generate key for the selected mode.

The Key Id and Key Secret appear on a pop-up page.

Test Mode API Keys

Watch this video to see how to generate API keys in the test mode.

Live Mode API Keys

Watch Out!

  • After generating the keys from the Dashboard, download and save them securely. You can use only one set of API keys. If you do not remember your API keys, you must

    regenerate them

    from the Dashboard and update them wherever the previous keys were used for payment gateway integrations.
  • API Keys are universal; that is, they are applicable to all websites and apps that you have whitelisted for your Merchant ID.
  • Do not share your API Key secret with anyone or on any public platforms. This can pose security threats to your Razorpay account.
  • Once you generate the API Keys, only the Key Id is visible on the Dashboard, not the Key secret, as it can pose security threats to your Razorpay account.
  • Use the Live API Keys to accept live payments and the Test API Keys for test transactions.

Roll API Keys

You can roll the Live and Test mode API keys if you have lost them or exposed them. You can choose to regenerate the API keys by deactivating them immediately or after 24 hours.

Know how to

regenerate Razorpay API keys

.

Related Information

Was this page helpful?

authentication
api authentication
api keys

ON THIS PAGE