Skip to main content
The Yabetoo API uses API keys to authenticate requests. This guide explains how to obtain, use, and secure your API keys.

API Key Types

Yabetoo provides two types of API keys:
Key TypePrefixEnvironmentPurpose
Test Keysk_test_SandboxDevelopment and testing
Live Keysk_live_ProductionReal transactions
Never use your live API key in test environments or expose it in client-side code.

Obtaining Your API Keys

  1. Log in to your Yabetoo Dashboard
  2. Navigate to Developers or go directly to app.yabetoo.com/developers
  3. Copy your test or live API key

Using API Keys

Include your API key in the Authorization header of every request: 
curl -X POST https://pay.sandbox.yabetoopay.com/v1/payment-intents \
  -H "Authorization: Bearer sk_test_XXXXXXXXXXXXXXXXXXXXXXXX" \
  -H "Content-Type: application/json" \
  -d '{"amount": 5000, "currency": "xaf"}'

SDK Examples

import Yabetoo from '@yabetoo/sdk-js';

const yabetoo = new Yabetoo('sk_test_XXXXXXXXXXXXXXXXXXXXXXXX');

Security Best Practices

Store Keys Securely

  • Use environment variables to store API keys
  • Never commit API keys to version control
  • Use a secrets manager in production (AWS Secrets Manager, HashiCorp Vault, etc.)
# .env file (never commit this file)
YABETOO_API_KEY=sk_test_XXXXXXXXXXXXXXXXXXXXXXXX

// Access from environment
const yabetoo = new Yabetoo(process.env.YABETOO_API_KEY);

Restrict Key Access

  • Only give API keys to team members who need them
  • Use different keys for different environments
  • Rotate keys periodically

Regenerating API Keys

If you suspect your API key has been compromised:
  1. Go to Developers in your dashboard
  2. Click Regenerate next to the compromised key
  3. Update your application with the new key
  4. The old key will be immediately invalidated
Regenerating a key immediately invalidates the old key. Ensure your application is updated before regenerating.

Account ID

Some endpoints require an accountId parameter. This is your merchant account identifier, found in your dashboard. 
const session = await yabetoo.sessions.create({
  total: 5000,
  currency: 'XAF',
  accountId: 'acct_XXXXXXXXXXXXXXXX', // Your account ID
  successUrl: 'https://example.com/success',
  cancelUrl: 'https://example.com/cancel'
});
For questions about authentication, contact our support team at [email protected]