API Keys
Prava uses API keys to authenticate requests.- Include the
Api-Key: <YOUR_API_KEY>header on every request. - Keep your API keys secret.
- Rotate keys if they are compromised.
Environments
- Sandbox — For development and testing. Use the sandbox base URL and sandbox keys.
- Production — Provisioned after additional verification. Production keys will be issued separately.
Webhooks
Prava supports webhooks for asynchronous status updates (e.g., payments, disputes, wallet events).- Verify webhook signatures using the SDK helper or the header signature provided on each event to ensure security.