API Authentication

In order to integrate with Hubtel APIs, you will need to create API keys for authentication purposes. Each API has specific keys which would need to be created to access them.

Accessing Keys for the Sales API

API keys can be created on your account by an Employee with an Administrator role by:

  • Navigating to Settings on your account
  • Click "Programmable Integrations"
  • Select "Add New" to add a new API key

Click here to add a new API key to your account.

You will receive an API ID and API Key once this is processed.

All Sales made by your API Key will

  1. Be linked to an Employee
  2. Be linked to a Branch of your Business
  3. Be linked to an inventory item of your Business

Use the API ID and API Key in Basic Authentication format to authenticate your requests.

Be sure to copy and store your API details as these are not shown on your portal after you complete the process

Accessing your Account Number

You need to specify your Account Number during API requests. Successful deposits are paid into this account. The Account is tagged as a POS Sales Account on your account here

Creating Keys for the SMS API

To create API keys for the SMS API, follow these steps:

  1. Login to your Hubtel Unity account here.
  2. Navigate to your Developer API Page
  3. Under API Type, select HTTP REST API
  4. Add a description and generate your API key by clicking Save.
  5. Copy and keep your Client ID and Client Secret safe.

You can use the Client ID and Client Secret in Basic HTTP Authentication format to authenticate your requests.

Authentication Methods

There are two main API authentication methods used : HTTP Basic Authentication, URL Authentication and OAuth2

Basic Authentication

The easiest way to authenticate is by using HTTP Basic Authentication. Basic Auth requires a Base64 encoded string of your ClientID or API ID as your username and ClientSecret or API Key as your password. The encoded string is sent in the HTTP Authorization header. See below for a sample header request information.

Authorization: Basic {base64_encode(ClientID:ClientSecret)}

So if khsqolyu is your ClientID and muahwiao is your ClientSecret, then the following header will be sent in the request:

Authorization: Basic a2hzcW9seXU6bXVhaHdpYW8=

Sample Authoraization Header

Authorization: Basic a2hzcW9sb3U6bWdhaHdpYW8=

Basic Authorization for SMS API using Postman

URL Authentication

URL Authentication involves passing in your ClientId and ClientSecret as request parameters in the URL of each request. This form of authentication is used for the Hubtel Quick Send SMS API.

https://domain.website.com?From={From}&To={To}&Content={Content}&ClientId={ClientId}&ClientSecret={ClientSecret}&RegisteredDelivery={RegisteredDelivery}

API Security Tips

Ensure that you keep your API keys safe and protected from any unauthorised use.
Do not share your API keys with any unauthorised third party. If you have reasons to believe that your API keys have been compromised, you can easily regenerate new API keys.

API Authentication


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.