Authentication
API Key Authentication
All API requests require authentication using an API key. Include your API key in the X-Api-Key header with every request.
curl -X GET "https://api.esca.finance/v1/virtual-account" \
-H "X-Api-Key: your_api_key_here"
API Key Security
- Keep it secret: Never expose your API key in client-side code or public repositories
- Use environment variables: Store API keys in environment variables, not in code
- Rotate regularly: Rotate your API keys periodically for enhanced security
- IP Whitelisting: Optionally restrict API key usage to specific IP addresses
Environments
| Environment | Description | API Key Prefix |
|---|---|---|
| Sandbox | For testing and development | esca_test_ |
| Production | For live transactions | esca_live_ |