π API Authentication β AeronPay
To ensure secure communication and prevent unauthorized access, all AeronPay API requests require authentication via HTTP headers. Only whitelisted IPs are allowed to access the API services.
π‘οΈ Authentication Requirements
Each API request must include the following headers:
| Header Key | Description | Required |
|---|---|---|
client-id | Unique client identifier provided by AeronPay | β |
client-secret | Secret key mapped to your client ID | β |
Content-Type | Must be set to application/json | β |
π Example Header
POST /api/serviceapi-prod/endpoint-name HTTP/1.1
Host: api.aeronpay.in
client-id: YOUR_CLIENT_ID
client-secret: YOUR_CLIENT_SECRET
Content-Type: application/json
π IP Whitelisting (Mandatory)
For enhanced security, access to AeronPay APIs is restricted to whitelisted IP addresses only. Requests originating from non-whitelisted IPs will be rejected automatically.
To whitelist your IP:
- Share your server's static IP address with the AeronPay technical support team.
- Ensure your application runs from the registered IP to access the APIs.
Note: IP whitelisting is enforced in both UAT and Production environments.
π Tokenless Authentication
AeronPay APIs currently use tokenless header-based authentication. Please keep your client-id and client-secret confidential.
For more details or to request API credentials and IP whitelisting, please contact:
π§ [email protected]