Authentication

Most APIs in this integration require authentication. The only exception is the /orders/pay API, which does not require any authentication and can be safely done from the browser as well.

Standard authentication

  • The standard authentication uses two specific headers x-client-id and x-client-secret. Please pass your appId and secretKey in these fields. (see screenshot below to access these from dashboard)
  • Please ensure that your secret key is securely placed and cannot be accessed by anyone.
  • Also never call any API which requires authentication from the client as that would require you to expose the secret key to the client.

Below is a curl request which shows how to pass these headers in the API call.

curl --request {REQUEST-TYPE} \
  --url https://sandbox.cashfree.com/pg/{resource} \
  --header 'Content-Type: application/json' \
  --header 'x-api-version: 2021-05-21' \
  --header 'x-client-id: <YOUR_APP_ID>' \
  --header 'x-client-secret: <YOUR_SECRET_KEY>'
  ...
  ...
Login to the merchant dashboard and visit the developers section to access your appId and secret key.Login to the merchant dashboard and visit the developers section to access your appId and secret key.

Login to the merchant dashboard and visit the developers section to access your appId and secret key.


Did this page help you?