API Authentication

🔐 API Authentication – AeronPay

To ensure secure communication and prevent unauthorized access, all AeronPay API requests require authentication via HTTP headers. Only whitelisted IPs are allowed to access the API services.

🛡️ Authentication Requirements

Each API request must include the following headers:

Header KeyDescriptionRequired
client-idUnique client identifier provided by AeronPay
client-secretSecret key mapped to your client ID
Content-TypeMust be set to application/json

📍 Example Header

POST /api/serviceapi-prod/endpoint-name HTTP/1.1
Host: api.aeronpay.in
client-id: YOUR_CLIENT_ID
client-secret: YOUR_CLIENT_SECRET
Content-Type: application/json

🔐 IP Whitelisting (Mandatory)

For enhanced security, access to AeronPay APIs is restricted to whitelisted IP addresses only. Requests originating from non-whitelisted IPs will be rejected automatically.

To whitelist your IP:

  • Share your server's static IP address with the AeronPay technical support team.
  • Ensure your application runs from the registered IP to access the APIs.

Note: IP whitelisting is enforced in both UAT and Production environments.


🔄 Tokenless Authentication

AeronPay APIs currently use tokenless header-based authentication. Please keep your client-id and client-secret confidential.


For more details or to request API credentials and IP whitelisting, please contact:
📧 [email protected]