Redpay API Authentication

To ensure secure access to the Redpay API, we support two methods of authentication: passing the transaction token in the query parameter for utility payment APIs and passing the app access token in the header as Bearer token for all financial APIs. This guide will walk you through both methods.

Overview

API authentication is crucial for securing your API endpoints and ensuring that only authorized clients can access the services. Redpay supports two authentication methods:

• Authentication via Query Parameter (Utility Payments)
• Authentication via Bearer Token (Financial APIs)

1. Authentication via Query Parameter (Utility Payments)

For utility payment APIs, include the transaction token in the URL as a query parameter:

GET /apiservice/utility_payments?token=YOUR_TOKEN

Example using curl:

curl -X GET "https://redpay.in/apiservice/utility_payments?token=YOUR_TOKEN"

Supported utility payments include electricity, water, broadband, and other similar services.

2. Authentication via Header (Financial APIs)

For financial APIs, include the app access token as Bearer in the Authorization header:

Authorization: Bearer your_token_here

Example using curl:

curl -X POST https://redpay.in/apiservice/v1/financial/endpoint \
                -H Authorization: Bearer your_token_here

Financial APIs include services such as domestic money transfers, AePS transactions, and payouts to vendors.

Obtaining Tokens

To obtain an transaction token, log in to the Redpay Developer API Portal:

1. Go to the Redpay Developer API Portal.
2. Sign in with your account credentials.
3. Navigate to the Developer Api section.
4. Generate a new token and copy it.

To obtain an app access token, you can either login or use the get-token API:

1. Login via Log in API with your account credentials to automatically receive an app access token.
2. Alternatively, you can use the get-tokens API to programmatically revoke and obtain a new app access token.

Token Expiry and Refresh

Currently, there is no specific lifespan for the access token. If you encounter any issues or if the token becomes invalid, you may need to generate a new token from the Developer API Portal.

• Transaction Token: Developers can revoke a transaction token via the Developer API Portal if necessary.
• App Access Token: The app access token will be automatically revoked daily upon user login, requiring re-authentication or via get-tokens API

Conclusion

By following these steps, you can securely authenticate and access the Redpay API using either method based on the type of service. For more details, refer to the full API documentation available on the Redpay Developer Portal.