Skip to main content

Authentication

RouteX uses a bearer secret key for merchant requests in this MVP.

Key format

Use the test secret from your merchant dashboard: 
Authorization: Bearer ROUTEX_TEST_xxx

Rules

  • Use test mode only for this submission.
  • Keep the secret key server-side.
  • The same merchant key is used for collections, payouts, and verification.
  • If a request fails with 403, the key is missing, malformed, or not valid for the merchant workspace.

What not to use

  • Do not use public keys for authenticated API calls.
  • Do not use admin credentials for merchant requests.
  • Do not paste the key into browser-side code.