HwebPay Logo
HwebPay
Docs Authentication

Authentication

HwebPay uses API keys to authenticate requests. You can view and manage your API keys in the HwebPay Dashboard.

Never Share Your Secret Keys

Your Secret Keys (sk_...) carry full administrative privileges for your account. Ensure they are kept server-side and never exposed in client-side code, frontend repositories, or shared documentation.

API Keys

Key Type Environment Usage Context
sk_test_... Sandbox Standard Bearer token for server-to-server development.
pk_test_... Sandbox Client-side key used in inline.js or Mobile SDKs.
sk_live_... Production Production-ready key for real financial operations.

Authentication Header

Include your Secret Key in the Authorization header of every server-side request.

HTTP Header
Authorization: Bearer sk_live_823120938...
Content-Type: application/json

Public Key Usage

When using our **Inline Checkout** or UI components, we utilize the Public Key (pk_...). This key only allows "Initialization" permissions and is safe to be exposed in your HTML/JS files.

Previous Page

Quickstart

Next Page

Accept Payments

© 2026 HwebPay Docs Portal

Developer Community