We really recommend you to adhere our API integration checklist to ensure the utmost system security. You may refer here for the checklist.
There are several things you need to ensure when you are facing an issue related to 'Unauthorized API Request', such as:
- Unauthorized Disbursement API Request, where there are several or duplicate disbursement API Request via API that was not created on your end
What Should I Do When Unauthorized API Request is Happening?
- Change your password immediately.
- Regenerate or rotate your API keys.
- Adjust use permission and make sure only trusted users that able to access your account.
- Enable two-factor authentication (2FA) on your dashboard by following the step here.
If you have further questions regarding the Unauthorized Use of API Keys, please contact us at help@xendit.co.