API Authentication

In order to integrate with Hubtel APIs, you will need to create API keys for authentication purposes. Each API has specific keys which would need to be created to access them.

Accessing Keys for the Sales API

To receive API keys for the Sales API, send a request to [email protected] stating your Business Name

You will receive an API Key and API Secret once this is processed.

All Sales made by your API Key will

  1. Be linked to an Employee
  2. Be linked to a Branch of your Business
  3. Be linked to an inventory item of your Business

You can use the API Key and API Secret in Basic HTTP Authentication format to authenticate your requests.

Creating Keys for the SMS API

To create API keys for the SMS API, follow these steps:

  1. Login to your Hubtel Unity account here.
  2. Navigate to your Developer API Page
  3. Under API Type, select HTTP REST API
  4. Add a description and generate your API key by clicking Save.
  5. Copy and keep your Client ID and Client Secret safe.

You can use the Client ID and Client Secret in Basic HTTP Authentication format to authenticate your requests.

Authentication Methods

There are two main API authentication methods used : HTTP Basic Authentication, URL Authentication and OAuth2

Basic Authentication

The easiest way to authenticate is by using HTTP Basic Authentication. Basic Auth requires a Base64 encoded string of your ClientID or API Key as your username and ClientSecret or API Secret as your password. The encoded string is sent in the HTTP Authorization header. See below for a sample header request information.

Authorization: Basic {base64_encode(ClientID:ClientSecret)}

So if khsqolyu is your ClientID and muahwiao is your ClientSecret, then the following header will be sent in the request:

Authorization: Basic a2hzcW9seXU6bXVhaHdpYW8=

Sample Authoraization Header

Authorization: Basic a2hzcW9sb3U6bWdhaHdpYW8=

Basic Authorization for SMS API using Postman

URL Authentication

URL Authentication involves passing in your ClientId and ClientSecret as request parameters in the URL of each request. This form of authentication is used for the Hubtel Quick Send SMS API.


API Security Tips

Ensure that you keep your API keys safe and protected from any unauthorised use.
Do not share your API keys with any unauthorised third party. If you have reasons to believe that your API keys have been compromised, you can easily regenerate new API keys.

API Authentication

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.