Cashramp
  • Introduction
    • Getting Started
    • Payment Rails
    • API Endpoints
    • Authentication
    • Webhooks
    • Integration Guide
    • SDKs
  • Hosted Ramp
    • Overview
    • Deposits
    • Withdrawals
    • Cancel Payment
  • Direct Ramp
    • Overview
    • Ramp Quotes
    • Deposits
    • Withdrawals
  • Onchain Ramp
    • Overview
    • On-Off Ramp
  • Cashramp API
    • Queries
    • Customers
    • Payment Methods
    • Withdraw Onchain
    • Virtual Bank Accounts
Powered by GitBook
On this page
  • Authenticating a Request
  • Example (Axios)
  1. Introduction

Authentication

PreviousAPI EndpointsNextWebhooks

Last updated 18 days ago

The Cashramp GraphQL API is secured with API keys. Generate and manage these keys in the .

Key
Prefix
Intended use
Keep it where?

Public key

CSHRMP-PUBK_

Client-side calls that cannot modify account data (e.g., widget embeds).

Safe to expose in front-end code.

Secret key

CSHRMP-SECK_

Server-to-server requests; full account access.

Store securely (env vars, vault). Never commit or share.

Cashramp does not retain your secret key. Copy it once, keep it safe.

If a key is leaked, log in to the dashboard, rotate the key immediately. Rotation revokes the old key and issues a new one.


Authenticating a Request

The API uses Bearer auth. Send your secret key in the Authorization header:

Authorization: Bearer CSHRMP-SECK_xxxxxxxxxxxxxxxxxxxxxx

Example (Axios)

import axios from "axios";

const cashramp = axios.create({
  baseURL: "https://api.useaccrue.com/cashramp/api/graphql",
  headers: {
    Authorization: `Bearer ${process.env.CSHRMP_SECRET_KEY}`,
  },
});

All requests must be over HTTPS. Calls without valid authentication are rejected.

Developer Dashboard