Skip to main content

Api Keys

Overview

The API Keys page in Lutastore allows you to manage the API credentials required to integrate Lutastore services with your eCommerce platform. These keys provide secure authentication and communication between your system and Lutastore services.

Types of API Keys

1- Test Auto Expire API Key (Expires in 3 Days)

  • This is a temporary API key that expires after 3 days.

  • It is used for testing purposes and will automatically become inactive after the expiration date.

  • Permissions and Roles:

    • Send OTP request
    • Verify OTP
    • Verify customer
    • Check service status
2- Permanent API Keys

  • These API keys remain active until manually disabled or regenerated.

  • Can be used for long-term integrations with your platform.

  • Permissions and Roles:

    • Similar to the test API but with more flexibility for permanent use.
    API image

Generating API Keys

When accessing the API Keys page for the first time, you can generate new API keys by following these steps:

  1. Navigate to the API Keys section in the dashboard.
  2. Click Generate New Key to create a new key.
  3. The API Token and API Secret will be generated automatically.

Note: Make sure to store the API Secret securely, as it will not be displayed again after leaving the page.

Managing API Keys

  • You can enable or disable an API key using the toggle button.
  • Each key’s permissions are listed under the Permissions and Roles section, defining the allowed actions such as:
    • Send OTP request
    • Verify OTP
    • Verify customer
    • Check service status

Key Expiration & Renewal

  • The test API key expires 3 days after creation, as indicated next to it.
  • Once a key expires, you must generate a new one to continue using it.

Re-Generating API Keys

If you need to regenerate an API Key for security reasons or if the key is compromised, follow these steps:

  • Click the Re-Generate Keys button next to the key.
  • Confirm the action in the pop-up prompt.
  • A new API Token and API Secret will be generated, and the old keys will be revoked.

Note: Once an API key is regenerated, the previous keys will no longer work. Ensure you update your integrations with the new credentials.

Security Best Practices

To maintain the security of your API keys:

  • Never share your API Secret with unauthorized users.
  • Store your credentials in a secure environment.
  • Regenerate API keys periodically to enhance security.
  • Restrict access based on IP addresses if possible.

By following these steps, you can ensure a smooth and secure integration between Lutastore and your eCommerce platform.