Authentication & Headers
Authentication & Headers​
Every PayWise API request must be authenticated using HTTP headers:
PW-subscription-key: <live_or_dev_key>– subscription key scoped to environment and gateway policy.PayWise-Environment: sandboxorproduction– explicitly declare the environment even if the key is scoped.PayWise-Version: YYYY-MM-DD– request the API version closest to the features you need. Defaults to the latest stable release.Idempotency-Key(on POST/PATCH) – e.g.,PayWise-Request-<uuid>to guarantee at-most-once operations.
Protect keys and rotate them on a schedule. Monitor usage per key and revoke/destroy keys that show unexpected activity.