Skip to main content

Authentication

All SplashPay API requests require authentication using API credentials.

API Credentials

Generate API credentials from: Merchant Portal → Developers → API Keys
Used in Sandbox environment.
X-API-KEY: pk_test_xxxxxxxxxxxxx
X-API-SECRET: sk_test_xxxxxxxxxxxxx

Required Headers

X-API-KEY: pk_live_xxxxxxxxxxxxx
X-API-SECRET: sk_live_xxxxxxxxxxxxx
Idempotency-Key: Unique-Request-ID
Content-Type: application/json
Accept: application/json

Example Request

curl --request GET \
  --url https://api.splashpay.co.tz/api/v1/payments/mobile-money \
  --header "X-API-KEY: pk_live_xxxxxxxxx" \
  --header "X-API-SECRET: sk_live_xxxxxxxxx" \
  --header "Idempotency-Key: Unique-Request-ID"

Authentication Errors

StatusDescription
401Invalid API credentials
403Access denied
429Too many requests

Never expose your API Secret in frontend applications, mobile apps, or public repositories.

Best Practices

Store API credentials in environment variables.
Rotate API secrets regularly.
Use Sandbox credentials during development.
Keep API secrets private.

Next Steps

Initiate Collection

Create payment requests and collect payments.

Webhooks

Receive transaction updates automatically.