Authentication
Learn how to authenticate your requests to Bridge Developer API
Authentication
Bridge Developer API uses HTTP Basic Authentication to secure all API requests. This ensures that only authorized clients can access the API endpoints.
Authentication Method
All API requests must include authentication credentials in the HTTP header using Basic Authentication.
Headers Required
Authorization: Basic <base64_encoded_credentials>Where <base64_encoded_credentials> is the Base64 encoding of username:password.
Getting Your Credentials
Your API credentials are provided after completing the onboarding process:
- Username: Your unique API username
- Password: Your unique API password
These credentials are generated when your integration account is created and approved.
Example Implementation
cURL Example
curl -X POST "https://api.bridgeagw.com/make_payment" \
-H "Authorization: Basic QlAxSTFyRzdDV1EzX0M0UEhZTVNNckI5S1dQTnJJWUhaVFBKMjhXLUZLR05TVzFJVkZEPVdNMldVVTM1OkIzOVctckFNRzY0SHJUX0c4PUsyXzRZRDFNPUE4OV85MV85QT0zSHJTNUJXV0tFVzM4Xy1ZWlotNjExcg==" \
-H "Content-Type: application/json" \
-d '{
"service_id": 1,
"reference": "Transfer to momo",
"customer_number": "0541234567",
"transaction_id": "79",
"trans_type": "CTM",
"amount": 0.1,
"nw": "MTN",
"nickname": "Test",
"payment_option": "MOM",
"currency_code": "GHS",
"currency_val": "1",
"callback_url": "https://webhook.site/0b429e73-ce5c-420b-af82-a346fb577c43",
"request_time": "2025-08-31 23:45",
"landing_page": "https://google.com"
}'JavaScript Example
const username = 'your_username';
const password = 'your_password';
const credentials = btoa(`${username}:${password}`);
const response = await fetch('https://api.bridgeagw.com/make_payment', {
method: 'POST',
headers: {
'Authorization': `Basic ${credentials}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
service_id: 1,
reference: "Transfer to momo",
customer_number: "0541234567",
transaction_id: "79",
trans_type: "CTM",
amount: 0.1,
nw: "MTN",
nickname: "Test",
payment_option: "MOM",
currency_code: "GHS",
currency_val: "1",
callback_url: "https://webhook.site/0b429e73-ce5c-420b-af82-a346fb577c43",
request_time: "2025-08-31 23:45",
landing_page: "https://google.com"
})
});Python Example
import requests
import base64
username = 'your_username'
password = 'your_password'
credentials = base64.b64encode(f'{username}:{password}'.encode()).decode()
headers = {
'Authorization': f'Basic {credentials}',
'Content-Type': 'application/json'
}
data = {
"service_id": 1,
"reference": "Transfer to momo",
"customer_number": "0541234567",
"transaction_id": "79",
"trans_type": "CTM",
"amount": 0.1,
"nw": "MTN",
"nickname": "Test",
"payment_option": "MOM",
"currency_code": "GHS",
"currency_val": "1",
"callback_url": "https://webhook.site/0b429e73-ce5c-420b-af82-a346fb577c43",
"request_time": "2025-08-31 23:45",
"landing_page": "https://google.com"
}
response = requests.post(
'https://api.bridgeagw.com/make_payment',
headers=headers,
json=data
)Security Best Practices
- Keep Credentials Secure: Never expose your API credentials in client-side code or public repositories.
- Use Environment Variables: Store credentials in environment variables or secure configuration files.
- Rotate Credentials: Regularly rotate your API credentials for enhanced security.
- HTTPS Only: Always use HTTPS when making API requests to ensure credential security.
Error Handling
If authentication fails, the API will return a 401 Unauthorized status with the following response:
{
"response_message": "You are not allowed to use this service",
"response_code": "100"
}Base URL
All API endpoints use the following base URL:
https://api.bridgeagw.comMake sure to include this base URL when making requests to any of our API endpoints.