Skip to main content

API Key Authentication

All CashQ API requests require authentication using an API Key. Your API key identifies your merchant account and authorizes access to the CashQ platform.

How to Authenticate

Include your API key in the request header of every API call: 
API-KEY: your_api_key_here

Example Request

curl -X GET 'https://api.cashqbot.com/api/agent_balance' \
  -H 'API-KEY: your_api_key_here'

Getting Your API Credentials

Sandbox Credentials

To get credentials for the Sandbox environment:
  1. Fill out the Sandbox Request Form
  2. You’ll receive your API key via email within 24 hours
  3. Use the sandbox base URL: https://api.cashqbot.com/

Production Credentials

When you’re ready to go live:
  1. Contact our support team at [email protected]
  2. We’ll provide your production environment credentials
  3. You’ll receive a separate API key for production use
Keep Your API Keys Secure
  • Never share your API keys publicly
  • Don’t commit API keys to version control
  • Use environment variables to store API keys
  • Rotate your keys periodically
  • Use different keys for sandbox and production

Separate Credentials Per Environment

You will have separate API credentials for each environment:
EnvironmentPurposeHow to Get
SandboxTesting and developmentRequest via form
ProductionLive transactionsContact support
Data created or modified in each environment will not affect the other, and data cannot be transferred between environments.

Authentication Errors

If your API key is missing or invalid, you’ll receive an error response: 
{
  "error": {
    "message": "Invalid or missing API key",
    "code": "authentication_error"
  },
  "success": "false"
}

Common Authentication Issues

Problem: Request doesn’t include the API-KEY header.Solution: Ensure you’re including the header in every request:
API-KEY: your_api_key_here
Problem: The API key is incorrect or has been revoked.Solution:
  • Verify you’re using the correct API key
  • Check if you’re using the right key for the environment (sandbox vs production)
  • Contact support if you believe your key should be valid
Problem: Using a sandbox key with production URL or vice versa.Solution: Ensure your API key matches the environment:
  • Sandbox key → https://api.cashqbot.com/
  • Production key → Production URL (provided by support)

Best Practices

Use Environment Variables

Store API keys in environment variables, not in your code:
export CASHQ_API_KEY="your_api_key_here"

Separate Keys

Always use different API keys for sandbox and production environments.

Secure Storage

Never commit API keys to version control or share them publicly.

Regular Rotation

Rotate your API keys periodically for enhanced security.

Next Steps

Make Your First Request

Follow our quickstart guide to make your first authenticated API request.