Authentication

AccruPay uses API secret-based authentication. This guide explains how to obtain, configure, and use your API credentials.

API Secret

Your API secret is a unique identifier that authenticates your requests to the AccruPay API. It's generated in the Merchant Portal and should be kept secure.

Obtaining Your API Secret

Log in to the AccruPay Merchant Portal
Navigate to Settings → API Keys
Click Generate API Key or copy an existing one
Store it securely in your environment variables

Security Best Practices

Never commit your API secret to version control
Store it in environment variables or a secure secret manager
Rotate your API secret periodically
Use different secrets for different environments (production vs QA)

SDK Configuration

Basic Configuration

import AccruPay from '@accrupay/node';

const sdk = new AccruPay({
  apiSecret: process.env.ACCRUPAY_API_SECRET,
  environment: 'production',
});

Environment Configuration

// Production
const productionSdk = new AccruPay({
  apiSecret: process.env.ACCRUPAY_API_SECRET_PROD,
  environment: 'production',
});

// QA/Testing
const qaSdk = new AccruPay({
  apiSecret: process.env.ACCRUPAY_API_SECRET_QA,
  environment: 'qa',
});

// Custom URL
const customSdk = new AccruPay({
  apiSecret: process.env.ACCRUPAY_API_SECRET,
  url: 'https://custom-api.example.com/graphql',
});

Error Handling Configuration

const sdk = new AccruPay({
  apiSecret: process.env.ACCRUPAY_API_SECRET,
  environment: 'production',
  
  // Handle authentication errors (401, 403)
  onAuthError: () => {
    console.error('Authentication failed - check your API secret');
    // Implement re-authentication logic
  },
  
  // Handle GraphQL errors (validation, business logic)
  onGraphQLError: (errors) => {
    errors.forEach(error => {
      console.error('GraphQL Error:', error.message);
      if (error.extensions?.code) {
        console.error('Error Code:', error.extensions.code);
      }
    });
  },
  
  // Handle network errors (timeout, connection issues)
  onNetworkError: (error) => {
    console.error('Network Error:', error.message);
    // Implement retry logic
  },
});

Environment Variables

Using .env Files

# .env
ACCRUPAY_API_SECRET=your-api-secret-here
NODE_ENV=production

Loading in Your Application

import AccruPay from '@accrupay/node';
import dotenv from 'dotenv';

dotenv.config();

const sdk = new AccruPay({
  apiSecret: process.env.ACCRUPAY_API_SECRET!,
  environment: process.env.NODE_ENV === 'production' ? 'production' : 'qa',
});

API Endpoints

Production

https://api.pay.accru.co/graphql

QA

https://api.qa.pay.accru.co/graphql

Troubleshooting

Authentication Failed

If you receive authentication errors:

Verify your API secret is correct
Check that you're using the correct environment
Ensure your API secret hasn't been revoked
Confirm your network allows connections to the API

Expired Token

API secrets don't expire by default, but can be revoked. If you're experiencing issues:

Check the Merchant Portal for API key status
Generate a new API key if needed
Update your environment variables

Next Steps

API Reference - Learn about the GraphQL API
SDK Reference - Explore SDK services

API Secret​

Obtaining Your API Secret​

Security Best Practices​

SDK Configuration​

Basic Configuration​

Environment Configuration​

Error Handling Configuration​

Environment Variables​

Using .env Files​

Loading in Your Application​

API Endpoints​

Production​

QA​

Troubleshooting​

Authentication Failed​

Expired Token​

Next Steps​