Authentication/Integration/API keys are used in API integration, Pre-build integrations, and Mobile SDK integration.

In this article you will learn about:

Where to find the API keys?

The integration keys are available at Merchant Dashboard > Developers > API Keys > Key Management. You can add several keys and revoke any of the generated keys at any point.

Revoking any key will stop any integration that uses it from working, keys cannot be recovered after being revoked

How to generate new API key?

Click the (+) icon to generate new API keys.

Now you can use these keys in any integration method that PayTabs provides. 

What is the default signature key?

As you can notice after creating multiple keys, a button (set as default signature key) can be found next to one or more of your keys (as in the following figure)

What is the signature?

After payment a callback/IPN (server-to-server call) would be sent to the target URL with all transaction details, the signature is the way to verify the source of the callback request.

To learn more about How to verify the response received from PayTabs? (Signature Verification), How to configure Instant payment notification (IPN), or what is the callback, kindly check the following resources: 
- How to verify the response received from PayTabs? (Signature Verification)
- How to configure Instant payment notification (IPN)?
Request/Response Parameters | The Callback URL (callback)

The signature key

Usually, Paytabs uses the same server key used in the initial payment request to encrypt the callback/IPN signature, note that those initial payment requests are done via PT2 APIs using a server key.

However, the transactions that are created using other channels (PayLinks, Dashboard invoices) don't have the initial payment request nor the server key on the request headers, this is the reason for using the default signature key.

Setting the default signature key

By setting the default signature key, you are asking Paytabs to use this key as the default key to encrypt the signature, in case the used channel doesn't have a server key in creating the transaction process like (PayLink, Dashboard invoices).