Skip to main content

Authentication

All API requests must include a valid API key. This guide explains how to authenticate requests using the x-api-key header and how authentication errors are handled.

Updated over a month ago

All API requests must include a valid API key.

The API key must be sent using the x-api-key header.

Example request:

GET /v1/transactions HTTP/1.1
Host: api.valpay.com
x-api-key: YOUR_API_KEY

Example curl request:

curl -X 'GET' \   'https://api.valpay.dev/v1/transactions?limit=10&page=0' \
   -H 'accept: application/json' \
   -H 'X-API-KEY: YOUR_API_KEY'

If the API key is invalid or missing, the API will return:

{
   "success": false,
   "code": "INVALID_API_KEY",
   "statusCode": 401,
   "name": "q",
   "timestamp": "2026-03-10T09:05:59.958Z",
   "message": "Invalid API Key",
   "traceId": "f5d6d685-7ae4-491e-9300-3f4de818942b"
 }
Related Articles
Quickstart
Error Handling
Best Practices & Support
Did this answer your question?