Overview
API keys allow you to interact with the PayGate Public API programmatically.
Creating API Keys
- Go to paygate.getaether.xyz
- Navigate to Settings → API Keys
- Click Create API Key
- Enter a label (e.g., “Production”, “Development”)
- Copy and securely store the key
API keys are shown only once. Store them securely - you cannot retrieve them later.
pk_0234decff71667369ce0c6de873cad2a4ce88e470ea4d8afda2704391bf34df8
- Prefix:
pk_ (public key)
- Length: 64 hex characters
- Unique per account
Using API Keys
Include the API key in the X-API-Key header:
curl -X GET "https://api-paygate.getaether.xyz/public/products" \
-H "X-API-Key: pk_your_api_key_here" \
-H "Content-Type: application/json"
TypeScript Example
const PAYGATE_API_KEY = process.env.PAYGATE_API_KEY;
const BASE_URL = 'https://api-paygate.getaether.xyz';
async function getProducts() {
const response = await fetch(`${BASE_URL}/public/products`, {
headers: {
'X-API-Key': PAYGATE_API_KEY,
'Content-Type': 'application/json'
}
});
return response.json();
}
Available Endpoints
With a valid API key, you can access:
| Endpoint | Method | Description |
|---|
/public/products | GET | List all your products |
/public/products/:id | GET | Get specific product |
/public/stats | GET | Get payment statistics |
/public/access/check | POST | Check wallet access |
/public/verify/:txHash | GET | Verify transaction |
/public/feature/verify | POST | Verify access token |
/public/feature/tokens | GET | List access tokens |
/public/feature/revoke | POST | Revoke access token |
Rate Limits
| Tier | Requests/min | Requests/day |
|---|
| Free | 60 | 10,000 |
| Pro | 300 | 100,000 |
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 59
X-RateLimit-Reset: 1704067260
Key Security
Best Practices
- Never expose in frontend - Only use on server-side
- Use environment variables - Don’t hardcode keys
- Rotate regularly - Create new keys periodically
- Limit scope - Use separate keys for dev/prod
- Monitor usage - Check for unusual activity
Environment Variables
# Development
PAYGATE_API_KEY_DEV=pk_dev_key_here
# Production
PAYGATE_API_KEY_PROD=pk_prod_key_here
const apiKey = process.env.NODE_ENV === 'production'
? process.env.PAYGATE_API_KEY_PROD
: process.env.PAYGATE_API_KEY_DEV;
Managing Keys
List Keys
View all keys in Settings → API Keys. Shows:
- Key prefix (first 12 characters)
- Label
- Created date
- Last used
Revoke Keys
- Go to Settings → API Keys
- Find the key to revoke
- Click Revoke
- Confirm
Revoking a key immediately invalidates it. Any applications using that key will stop working.
Error Responses
Invalid Key
{
"error": "Invalid or expired API key",
"code": "INVALID_API_KEY"
}
Missing Key
{
"error": "API key required",
"code": "MISSING_API_KEY"
}
Rate Limited
{
"error": "Rate limit exceeded",
"code": "RATE_LIMITED",
"retryAfter": 60
}
Testing
With cURL
# Test your API key
curl -X GET "https://api-paygate.getaether.xyz/public/stats" \
-H "X-API-Key: pk_your_key" \
-H "Content-Type: application/json"
{
"totalRevenue": 125.50,
"totalTransactions": 47,
"productCount": 5
}
Common Issues
| Issue | Solution |
|---|
Invalid API key | Check for typos, ensure key is active |
API key required | Add X-API-Key header |
Rate limited | Wait and retry, or upgrade tier |
