API Keys

API Keys

API Keys

API keys are essential for integrating Credo into your platform, allowing you to securely authenticate requests and process transactions through our system. Whether you're building a custom checkout experience or automating payments, API keys ensure seamless interaction between your application and Credo.

Types of API Keys

Credo provides two types of API keys:

  1. Public Key (Publishable Key) – Used for frontend interactions, such as initiating transactions from your website.
  2. Secret Key – Used for backend operations, such as verifying transactions, retrieving payment details, or handling refunds.

Important: Keep your secret key confidential. Never share it in your frontend code or expose it publicly.

How to Access Your API Keys

To retrieve your API keys, follow these steps:

  1. Log in to your Credo account.
  2. Navigate to Settings > API Keys.
  3. Here, you will see both the Publishable Key and Secret Key.
  4. Click on the copy icon next to a key to copy it for use in your integration.
  5. If needed, you can click Regenerate Keys to create new API credentials.



Using API Keys for Integration

Your API keys allow you to interact with Credo's payment infrastructure. Here’s how:

  • Use the Publishable Key in client-side requests to initiate transactions.
  • Use the Secret Key in your backend to securely complete, verify, or refund payments.

Base URL for API Requests:

When testing, ensure you are using test API keys before switching to live mode.

Accessing the Demo Environment

Want to test your integration before going live? Follow these steps:

  1. Go to www.credodemo.com.
  2. Sign up and create an account (No activation required for test accounts).
  3. Navigate to Settings > API Keys to retrieve your test keys.
  4. Use the test keys to process sample transactions via https://api.credodemo.com.
  5. Once satisfied with testing, switch to live mode by replacing test keys with your live API credentials.

Security Best Practices

  • πŸ”’ Store your API keys securely in environment variables.
  • 🚫 Never expose your Secret Key in public repositories or client-side code.
  • πŸ”„ Regenerate API keys if you suspect they have been compromised.

Need Help?

If you encounter any issues or need support, reach out to us at hello@credocentral.com. You can also explore our API Documentation for detailed integration guides.