Authentication

TheBridge Developer API uses Basic Authentication to secure all API endpoints. This ensures that only authorized clients can access the API and perform transactions.

Basic Authentication

Basic Authentication requires you to include an Authorization header with each API request. The header contains the word “Basic” followed by a space and a base64-encoded string of your username and password, separated by a colon. Here’s how to construct the Authorization header:
  1. Combine your API Client Key and Secret Key with a colon: client_key:secret_key
  2. Encode this string in base64.
  3. Prepend “Basic ” to the encoded string.
Your final Authorization header should look like this: Authorization: Basic <base64_encoded_credentials>

Obtaining Credentials

To obtain your API credentials:
  1. Sign up for an account on our client portal (https://client.thebridgesolutions.com).
  2. Complete the KYC (Know Your Customer) process.
  3. Once approved, you’ll receive your API Client ID, Client key and Secret key.
Keep your API credentials secure and never share them publicly. If you suspect your credentials have been compromised, contact our support team immediately.

Example Request

Here’s an example of how to include the Authorization header in your API requests: 
  curl -X POST https://api.thebridgesolutions.com/make_payment \
  -H "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=" \
  -H "Content-Type: application/json" \
  -d '{
  "service_id": 123,
  "customer_number": "0123456789",
  "amount": 100.00,
  "currency_code": "GHS"
  }'
Replace dXNlcm5hbWU6cGFzc3dvcmQ= with your actual base64-encoded credentials.

Security Best Practices

  1. Use HTTPS for all API requests to encrypt data in transit.
  2. Rotate your API credentials periodically.
  3. Implement IP whitelisting if possible to restrict API access to known IP addresses.
  4. Monitor your API usage for any suspicious activity.
For more information on our security measures and best practices, please refer to our Security Guidelines page.