🔐 API Authentication – AeronPay
To ensure secure communication and prevent unauthorized access, all AeronPay API requests require authentication via HTTP headers. Only whitelisted IPs are allowed to access the API services.
🛡️ Authentication Requirements
Each API request must include the following headers:
| Header Key | Description | Required |
|---|---|---|
client-id | Unique client identifier provided by AeronPay | ✅ |
client-secret | Secret key mapped to your client ID | ✅ |
Content-Type | Must be set to application/json | ✅ |
📍 Example Header
POST /api/serviceapi-prod/endpoint-name HTTP/1.1
Host: api.aeronpay.in
client-id: YOUR_CLIENT_ID
client-secret: YOUR_CLIENT_SECRET
Content-Type: application/json🔐 IP Whitelisting (Mandatory)
For enhanced security, access to AeronPay APIs is restricted to whitelisted IP addresses only. Requests originating from non-whitelisted IPs will be rejected automatically.
To whitelist your IP:
- Share your server's static IP address with the AeronPay technical support team.
- Ensure your application runs from the registered IP to access the APIs.
Note: IP whitelisting is enforced in both UAT and Production environments.
🔄 Tokenless Authentication
AeronPay APIs currently use tokenless header-based authentication. Please keep your client-id and client-secret confidential.
For more details or to request API credentials and IP whitelisting, please contact:
📧 [email protected]