# API-Keys

Manage your API keys to authenticate requests with MoneyCollect.

MoneyCollect authenticates your API requests using your account’s API keys. If you don’t include your key when making an API request, or use an incorrect or outdated one, MoneyCollect returns an error.

Every account has separate keys for testing and for running live transactions. All API requests exist in either test or live mode, and objects in one mode (customers, plans, coupons, etc.) can’t manipulate objects in the other.

There are also two types of API keys: <mark style="color:blue;">**public key**</mark> and <mark style="color:blue;">**private key**</mark>.

* <mark style="color:blue;">**Public keys**</mark> are meant solely to identify your account with MoneyCollect, they aren’t secret. In other words, you can safely publish them in places like your MoneyCollect.js JavaScript code, or in an Android or iPhone app.
* <mark style="color:blue;">**Private key**</mark> You must keep your private API keys confidential and only store them on your own servers. You must not share your private API key with any third parties. Your account’s private API key can perform any API request to MoneyCollect without restriction. If MoneyCollect believes that your private API key has been compromised, we may cancel and reissue it, potentially resulting in an interruption to your MoneyCollect services. Each account has 4 keys in total: a public and private key pair for test mode and live mode.

## Obtaining your API keys

Users with <mark style="color:blue;">Administrator</mark>/ <mark style="color:blue;">Developer</mark> permissions can access a MoneyCollect account’s API keys by navigating to the **Developers** section of the MoneyCollect [Dashboard](https://portal.moneycollect.com/) and clicking on **API Keys**.Your API keys are always available in the Dashboard and you can copy the public API & private API for the next step.

![Obtain API keys from MoneyCollect Dashboard](https://3906929740-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FQyT5pndc80PGeNrMulEU%2Fuploads%2F9MKAxHCV2sosuA5Fag3r%2F%E5%88%A0%E9%99%A4.png?alt=media\&token=2ee810ca-080d-4288-81b8-aa7b5a17172b)

## Test and live modes

The test and live modes function almost identically, with a few necessary differences:

* In test mode, payments are not processed by card networks or payment providers, and only our test payment information can be used.
* In test mode, Identity does not perform any verification checks.

{% hint style="info" %}
You can view test data by toggling the Dashboard’s  test mode option.
{% endhint %}

### Accessible apis for publickey

&#x20;In certain UI interaction scenarios, you may need to use publickey to call APIs, but  access permissions are limited because publickey may be saved on your page.&#x20;

The following api is open for publickey access:

<table><thead><tr><th width="220">Method</th><th>URI</th></tr></thead><tbody><tr><td>Get</td><td>/services/v1/payment/{}</td></tr><tr><td>Post</td><td>/services/v1/payment/{}/confirm</td></tr><tr><td>Post</td><td>/services/v1/payment_methods/create</td></tr><tr><td>Post</td><td>/services/v1/payment/{}/cancel</td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.moneycollect.com/docs/developer-tools/api-keys.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.