Because you are working with sensitive financial data, we ensure that our Nuapay API is highly secure.

To ensure that your data is always protected, all requests are:

  • Transmitted via Secure Sockets Layer (SSL) over the HTTPS protocol.
  • Pass a specific API Key unique to each merchant, for authentication or an OAuth token.
  • Originate from an allowed IP address (the allowed IP addresses will be configured for you when you register for the service)

In addition to this, as an extra security layer:

  • For certain endpoints (e.g. Credit-Transfer-related requests), you must provide a JOSE Header in your requests.
  • To do this you will need to create a private key and certificate and use these to generate the JOSE Header. See JSON Web Signature for more on this.