Step 1 of 5 · ~5 min

Create Your Account & Get API Keys

Before writing any code, you need a PaymentsAPI account and your API keys. This step covers account creation, key types, and how to store keys securely from day one.

Create your account

Go to dashboard.paymentsapi.dev and click Create Account
Verify your email address
Complete the business profile form (required for live access)
You now have sandbox access immediately — live access is enabled after KYB review

Understand key types

Key type	Prefix	What it can do	Where to use
Secret key	`sk_test_ / sk_live_`	Full API access — create transfers, manage accounts	Server-side only
Publishable key	`pk_test_ / pk_live_`	Tokenize account data only — no transfer creation	Safe for client-side

⚠ Never expose your secret key

If sk_live_ appears in version control, public logs, or client-side code — rotate it immediately from the dashboard. Leaked live keys grant full transfer creation access.

Retrieve your API keys from the dashboard

In the dashboard, go to Settings → API Keys
Your sk_test_ key is visible immediately — copy it now
Your webhook secret (whsec_) is under Settings → Webhooks — you'll need it in Step 4

Store your keys securely before writing any code

Create a .env file in your project root and add it to .gitignore before your first commit.

# .env — add this to .gitignore immediately
PAYMENTS_SECRET_KEY=sk_test_[your_secret_key_here]
PAYMENTS_PUBLISHABLE_KEY=pk_test_xxxxxxxxxxxxxxxxxxxxxxxx
PAYMENTS_WEBHOOK_SECRET=whsec_xxxxxxxxxxxxxxxxxxxxxxxx

# .gitignore
.env
.env.local
.env.*.local

For production: use a secrets manager

In production, store your sk_live_ key in AWS Secrets Manager, GCP Secret Manager, or a CI/CD secrets store — never in environment files on a server.

Step 1 Checklist

Account created and email verified
Copied sk_test_ key from dashboard
Created .env file with API key
Added .env to .gitignore

← Overview