API Authentication

πŸ” API Authentication – AeronPay

To ensure secure communication and prevent unauthorized access, all AeronPay API requests require authentication via HTTP headers. Only whitelisted IPs are allowed to access the API services.

πŸ›‘οΈ Authentication Requirements

Each API request must include the following headers:

Header KeyDescriptionRequired
client-idUnique client identifier provided by AeronPayβœ…
client-secretSecret key mapped to your client IDβœ…
Content-TypeMust be set to application/jsonβœ…

πŸ“ Example Header

POST /api/serviceapi-prod/endpoint-name HTTP/1.1
Host: api.aeronpay.in
client-id: YOUR_CLIENT_ID
client-secret: YOUR_CLIENT_SECRET
Content-Type: application/json

πŸ” IP Whitelisting (Mandatory)

For enhanced security, access to AeronPay APIs is restricted to whitelisted IP addresses only. Requests originating from non-whitelisted IPs will be rejected automatically.

To whitelist your IP:

  • Share your server's static IP address with the AeronPay technical support team.
  • Ensure your application runs from the registered IP to access the APIs.

❗

Note: IP whitelisting is enforced in both UAT and Production environments.


πŸ”„ Tokenless Authentication

AeronPay APIs currently use tokenless header-based authentication. Please keep your client-id and client-secret confidential.


For more details or to request API credentials and IP whitelisting, please contact:
πŸ“§ [email protected]