Authentication ๐
All requests to the Komerce Payment API must be authenticated using an API key.
This key uniquely identifies your merchant account and ensures that your requests are authorized.
Your Komerce Payment API key is the same key used in the Komerce Shipping (RajaOngkir) service.
You do not need to create a new key to use the Payment API.
๐ Getting Your API Key
- Log in to your Collaborator.
- Navigate to โAPI Keyโ under Integration
- Copy your Payment API โ this is the key used for all API requests.
- Store your API key securely in your backend server or environment variable.
- Never expose it in client-side code (browser, mobile apps, etc.).
๐งพ Authentication Method
Komerce Payment uses header-based authentication.
Each request must include the following header:
x-api-key : YOUR_API_KEY
Content-Type: application/json
curl --location 'https://api-sandbox.collaborator.komerce.id/user/api/v1/user/methods' \
--header 'x-api-key: YOUR_API_KEY'
โ๏ธ Sandbox vs Production Keys
| Environment | Base URL | Key Prefix | Description |
|---|---|---|---|
Sandbox | https://api-sandbox.collaborator.komerce.id/user | sandbox | Used for testing transactions. Payments are simulated and not processed by banks. |
Production | https://api.collaborator.komerce.id/user | live | Used for live payments in real transactions. |
๐ Tip: Always use separate keys for sandbox and production environments to avoid mixing real and test data.