Skip to main content
The Yabetoo API uses API keys to authenticate requests. This guide explains how to obtain, use, and secure your API keys.

API Key Types

Yabetoo provides two types of API keys:
Never use your live API key in test environments or expose it in client-side code.

Obtaining Your API Keys

  1. Log in to your Yabetoo Dashboard
  2. Navigate to Developers or go directly to app.yabetoo.com/developers
  3. Copy your test or live API key

Using API Keys

Include your API key in the Authorization header of every request:

SDK Examples

Security Best Practices

Store Keys Securely

  • Use environment variables to store API keys
  • Never commit API keys to version control
  • Use a secrets manager in production (AWS Secrets Manager, HashiCorp Vault, etc.)

Restrict Key Access

  • Only give API keys to team members who need them
  • Use different keys for different environments
  • Rotate keys periodically

Regenerating API Keys

If you suspect your API key has been compromised:
  1. Go to Developers in your dashboard
  2. Click Regenerate next to the compromised key
  3. Update your application with the new key
  4. The old key will be immediately invalidated
Regenerating a key immediately invalidates the old key. Ensure your application is updated before regenerating.

Account ID

Some endpoints require an accountId parameter. This is your merchant account identifier, found in your dashboard.
For questions about authentication, contact our support team at support@yabetoopay.com