> ## Documentation Index
> Fetch the complete documentation index at: https://docs.niobi.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Authenticating API Requests

To maintain the Niobi payment system security and integrity, the api authentication used is generating a unique signature for each request. This signature is generated by using the unique secret key generated by a user in their Niobi App. Once sent, the signature is verified by Niobi upon receipt and then subsequently the payment request is approved.

### Signing Requests

To ensure the security and integrity of your communication with the Niobi API, it's essential to **sign each request**. The complete step by step process for doing this is as follows:

1. Create a request payload for a specific endpoint (for this example, we'll use the [unified collections api](/api-reference/payment-link/unified-collections)).

```json theme={null}
{
  "client_id": "<string>",
  "sender": "<string>",
  "timestamp": 123,
  "salt": "<string>",
  "signature": "<string>",
  "params": {
    "amount": 123,
    "mobile": "<string>",
    "country_id": 123,
    "currency": "<string>",
    "payment_method_type": "<string>",
    "callback_url": "<string>",
    "third_party_reference_1": "<string>",
    "third_party_reference_2": "<string>"
  }
}
```

2. Pass the parameters section under the request payload for the [signature generation api](/api-reference/payment/generates-signature-for-niobi-integration).

```json theme={null}
{
    "params":{
        "amount": 123,
        "mobile": "<string>",
        "country_id": 123,
        "currency": "<string>",
        "payment_method_type": "<string>",
        "callback_url": "<string>",
        "third_party_reference_1": "<string>",
        "third_party_reference_2": "<string>"
    }
}
```

3. Add the salt value, sender name (the name of your integration) and your client\_id.

```json theme={null}
{
  "sender": "Integration_title",
  "salt": "random_salt_value",
  "client_id": "your_client_key_here",
  "params":{
        "amount": 123,
        "mobile": "<string>",
        "country_id": 123,
        "currency": "<string>",
        "payment_method_type": "<string>",
        "callback_url": "<string>",
        "third_party_reference_1": "<string>",
        "third_party_reference_2": "<string>"
    }
}
```

4. Generate the signature by calling the endpoint. The new request payload will be shared within the response including the signature.

```json theme={null}
{
  "success": true,
  "message": "Signature was generated successfully.",
  "data": {
    "client_id": "<client_id>",
   "params":{
        "amount": 123,
        "mobile": "<string>",
        "country_id": 123,
        "currency": "<string>",
        "payment_method_type": "<string>",
        "callback_url": "<string>",
        "third_party_reference_1": "<string>",
        "third_party_reference_2": "<string>"
    },
    "salt": "<salt>",
    "sender": "<sender>",
    "timestamp": "<timestamp>",
    "signature": "<signature>"
  }
}
```

5. Pass the obtained request payload within the specific endpoint.

### Verifying the Signature

To verify the signature, you can pass the payload obtained from the generate signatre response and pass through the [verify signature api endpoint](/api-reference/payment/verifies-the-signature-of-a-request). The expected response is as shown below:

```json theme={null}
{
  "success": true,
  "message": "Request verified successfully."
}
```

## Generating Signatures using Code

Alternatively, if you prefer generating the signature using code, please read more under the [Generating and Verifying Signatures Section](/Authentication)
