Authentication

REST-first integration guides aligned with the live Xaqiiji API contract.

Test API Keys

Test keys start with xq_test_ and are created in the business portal under Developer → API Keys.

Live keys start with xq_live_, require business approval, and deduct credits per verification.

.env

XAQIIJI_API_KEY=xq_test_xxxxxxxxxxxxxxXAQIIJI_BASE_URL=http://localhost:8080/api/v1WEBHOOK_SIGNING_SECRET=your_webhook_signing_secret

Never expose API keys in browser code

Use vaults or encrypted environment variables

Use separate keys per application

Rotate keys after staff or vendor changes

Rotate keys from the business portal (Developer → API Keys). Deploy the new key, verify traffic, then revoke the old key.

SDK Quick Start

OpenAPI Specification

Was this page helpful?