Xendit API allows developer to access the functionality of Xendit services such as accepting payments, sending invoices, disbursing funds and managing account information.

Please follow below instruction for the end-to-end details on how to set Xendit API:

1. Login to Xendit Dashboard
2. To be able to test or make payments using Xendit, you must create your secret API key.
   
   • Only user with Admin or Tech Settings permission can generate the API key
   • Go to API keys settings in Xendit Dashboard
   • In Secret keys in API Keys section, click Generate secret key to generate your secret key
   • A pop-up will be prompted to configure your API key name and permission.
   • Click Generate Key
   • Your secret API key will be shown in the pop-up. You can Copy or Download the key.
     

     The key will only be displayed once in this pop up and will not be able to be viewed again after the pop up has been closed.

   • You can generate, edit, or delete API key name and permissions when you need to
3. For some of our products, we'll send a webhook after we have processed your requests. Webhook setup can be done via these steps:
   
   • Set up your server to listen to our webhook request. You can use a tool like ngrok to make your endpoint available for receiving webhook
   • Navigate to Webhook settings in Xendit Dashboard
   • Attach your server's URL in the input box of the product you are going to use. Click Save and Testand a dummy event will be sent to the URL
   • Validate Xendit as legitimate webhook sender via x-callback-token header. Find your x-callback-token in Webhook verification token section in Webhook settings
4. Block unauthorised requests from unrecognised IP Addresse by adding your server IP Address to IP Allowlist
   
   • Navigate to IP Allowlist settings in Xendit Dashboard
   • In IP Allowlist section, add IP Address to allowlist your server IPs. You can find your IP address by using What's My IP