Getting Your API keys

Sandbox Credentials

Instant Cash users are configured with three different user types that are specific to the API they are consuming. User types allow partners to authorize and manage transactions throughout the transaction lifecycle.

To send a request using API client (Postman, self-designed, etc.) follow steps:

1. Use base URL: https://api.instantcashworldwide.ae/sandbox
2. Add a name of the endpoint to the base URL (e.g., /api/v1/transactions)
3. Fill request headers:
   a. x-fapi-financial-id: <agent code>
   b. Authorization: Basic <base64UrlEncoded(user_id:password)>
   c. x-correlation-id: <uuid_v4>
   d. x-idempotency-key: <uuid_v4>
   f. Ocp-Apim-Subscription-Key: <uuid_v4>
4. Send request

*Agent Type indicates how Instant Cash API will be used: for sending transaction only (Sender); for receiving transaction (Receiver) or Both.

**Transactions can be created by a "Single-Level" user or if transaction is created by a "First-Level" user, then it must be authorized by another user with "Supervisor" access.

Sample:

curl --location 'https://ic-api-mgmnt.azure-api.net/sandbox/api/v1/transactions/initiate' \ --header 'x-fapi-financial-id: AE01BH' \ --header 'Authorization: Basic QUU5MDAwNTU1NTpRd2VfMTIzIQ==' \ --header 'x-idempotency-key: 5ef5758c-7e87-4e81-952b-58eef0166dd4' \ --header 'x-correlation-id: 0188ac0b-9d42-45d4-bb6b-d42fca34ccb5' \ --header 'Content-Type: application/json' \ --header 'Accept: application/json' \

Note:

• x-idempotency-key is required for POST, PUT, PATCH requests in order to prevent unintended results from duplicate identical requests.
• x-correlation-id is optional and used for troubleshooting issue of Partner by tracing end-to-end transaction moving through components in the core system. If x-correlation-id header is not sent by a client system, system will generate it automatically.
• Ocp-Apim-Subscription-Key is a required API header in both UAT and Production environments used in HTTP requests to authenticate access to APIs. As an authentication token, it is used both for security and managing Partner access. Subscription key is provided by Instant Cash Operations team after completion of Sandbox testing. In Sandbox environment Ocp-Apim-Subscription-Key is optional and Partner can pass any value in order to track and identify his requests.

Basic Authentication Process

The IC API uses Basic Authentication process to secure access to its services. To authenticate your requests:

1. Combine your API username and password into a single string, separated by a colon. For example, username:password.
2. Encode the combined string in base64 format.
3. Include the base64-encoded string in the Authorization header of your API request in the following format: Authorization: Basic {base64_encoded_username_password}.

For example:

If the agent's username is AE0000001 and the password is superSecretPassword, then Base64 encoding should be applied to the value AE00000001:superSecretPassword . Then, authorization header value would be:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

Change Password process

In order to change password, you need to use /accounts/change-password endpoint.

1. Prepare the string that contains agent user id, old password and new password separated by colon “:”
2. Convert the value to the base64 encoded string
3. Copy paste base64 encoded string value to the Authorization header
4. Fill in x-fapi-financial-id header
5. Fill in Ocp-Apim-Subscription-Key header
6. Send the change password request

For example:

If the agent's username is AE00000001 and the current password is ABC123 and a new password is Password123! then Base64 encoding should be applied to the value AE00000001:ABC123:Password123!

Authorization: Basic QUUwMDAwMDAwMTpBQkMxMjM6UGFzc3dvcmQxMjMh