API Authentication & Sandbox Setup
Authentication process for Razorpay APIs and sandbox setup for testing the APIs.
Check how to authenticate the APIs.
All Razorpay APIs are authenticated using Basic Auth. Basic auth requires the following:
[YOUR_KEY_ID][YOUR_KEY_SECRET]
Basic auth expects an Authorization header for each request in the Basic base64token format. Here, base64token is a base64 encoded string of YOUR_KEY_ID:YOUR_KEY_SECRET.
Watch Out!
The Authorization header value should strictly adhere to the format mentioned above. Invalid formats will result in authentication failures.
Few examples of invalid headers are: BASIC base64token, basic base64token, Basic "base64token" and Basic $base64token.
Follow these steps to generate API keys:
- Log in to your with the appropriate credentials.
- Select the mode (Test or Live) for which you want to generate the API key.
- Test Mode: The test mode is a simulation mode that you can use to test your integration flow. Your customers will not be able to make payments in this mode.
- Live Mode: When your integration is complete, switch to live mode and generate live mode API keys. In the integration, replace test mode keys with live mode keys to accept customer payments.
- Navigate to Account & Settings → API Keys (under Website and app settings) → Generate Key to generate key for the selected mode.
The Key Id and Key Secret appear on a pop-up page.
Watch this video to see how to generate API keys in the test mode.
Watch Out!
- After generating the keys from the Dashboard, download and save them securely. You can use only one set of API keys. If you don't remember your API keys, you must from the dashboard and update them wherever the previous keys were used for payment gateway integrations.
- API Keys are universal; that is, they are applicable to all websites and apps that you have whitelisted for your Merchant ID.
- Do not share your API Key secret with anyone or on any public platforms. This can pose security threats to your Razorpay account.
- Once you generate the API Keys, only the Key Id is visible on the Dashboard, not the Key secret, as it can pose security threats to your Razorpay account.
- Use the Live API Keys to accept live payments and the Test API Keys for test transactions.
You can roll the Live and Test mode API keys if you have lost them or exposed them. You can choose to regenerate the API keys by deactivating them immediately or after 24 hours.
Know how to
.The test mode on the Razorpay Dashboard provides a sandbox environment for you to test Razorpay products during the integration process.
The test mode is a simulation mode. Your customers will not be able to make payments in this mode.
- Dashboard: You can test the products on the Razorpay Dashboard by switching to the test mode.
- API: You can generate the API keys in test mode on the Razorpay Dashboard and use these for authenticating the API requests.
After the integration or product testing is complete:
- Switch to the live mode of the Razorpay Dashboard and generate the live API keys.
- Switch the test API keys with the live ones to take the integration live.
The client SDK libraries are available on GitHub. You can use the API keys generated above to try out the API sample codes:
Was this page helpful?