Authentication is essential for securing access to the Vyafac API. This guide explains how to properly authenticate your requests and manage your access tokens.
Vyafac API uses Bearer token authentication for all API requests. Every request to the API must include a valid token in the Authorization header.
Authorization: Bearer sk_live_your_api_keyRequests without proper authentication or with invalid tokens will be rejected with a 401 Unauthorized response.
To acquire a Bearer Token for API authentication, follow these steps:
Go to the Vyafac Developer Portal: Navigate to the official Vyafac Developer Portal through their website.
Access Developer Settings: Locate and enter the Developer Settings section where token management options are available.
Generate a New Token: Create a new API token with the appropriate permissions for your integration needs.
Download and Store Securely: After creation, download your token and store it in a secure location. Note that tokens are only displayed once for security reasons.
Expiration Period: Each token has a specific expiration date that is established when the token is created.
Token Renewal: Once a token expires, you must generate a new one to maintain API access.
When a request attempts to access resources outside the user's permitted scope, or when authentication fails, Vyafac API returns an Unauthorized error response:
{
"status": "error",
"message": "Unauthorized",
"meta": null,
"data": null,
"errors": [],
"code": 401,
"timestamp": "2025-02-26T10:38:19+00:00",
"version": "1.0.0"
}- Never expose your API tokens in client-side code
- Implement token rotation for enhanced security
- Use environment variables to store tokens in your applications
After successfully authenticating with the API, you can proceed to make requests to the various endpoints available in the Vyafac API.