# Authentication

The Ninjapay API uses `API Keys` to authenticate requests. You can view and manage your API Keys in the [Ninjapay dashboard](https://ninjapay.me/dashboard).

Development mode keys are generated on the [<mark style="color:blue;">Development environment</mark>](https://dev.ninjapay.me/dashboard), while Production mode keys are generated on the [<mark style="color:blue;">Production environment</mark>](https://ninjapay.me/dashboard).  (Currently only production is available)

Authentication to the API is performed with a key. Provide your API key on on the `Authorization` header.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API Requests without authentication will also fail.

| Header        | Value    |
| ------------- | -------- |
| Authorization | API\_KEY |

Depending on the functionalities you want your application to perform, there are different permission levels:

|                                     | Invoice key | Admin key |
| ----------------------------------- | ----------- | --------- |
| Create payment request & fetch info | ✅           | ✅         |
| Fetch transaction history info      | ✅           | ✅         |
| Initiate withdrawals                | ❌           | ✅         |

### Sending your first API call

There are four properties that you must include in every API call.

1. `api_key` \*\*\*\*A 40-character alpha-numeric string that gives you access to use the API.
2. `method` \*\*\*\*An actions you can perform on a resource.
3. `headers` \*\*\*\*Any one of the items listed below in the API Reference.
4. `body` \*\*\*\*JSON-encoded values sent to the method, sometimes optional.

With that in mind, the next step is to send a `POST` or `GET` request to `prod.ninjapay.me` with the appropriate values set.

A good first API call would be `wallet.info`. Fill in your API key, then paste this string into a web browser. Notice the `body` parameters is missing; that's because it's not required for this API call.

{% code fullWidth="false" %}

```


 https://api.ninjapay.me/lapi/v1/wallet?api_key={YOUR API KEY}


```

{% endcode %}

You can send API calls directly in your web browser, using cURL from a command line, or with your programming language of choice. You can also use the [Postman Collection](https://documenter.getpostman.com/view/6332024/RznFnd99?version=latest).