Authentication - VTULab API

VTULab uses API keys to authorize requests. All API requests must be made over HTTPS and include an API key.

API Keys

You can find your API keys in the API Settings of your dashboard. We provide two keys for different environments:

Live Key

Used for real transactions. Ensure your wallet is funded before using this key.

Test Key

Used for sandbox testing. Transactions made with this key are simulated and do not debit your balance.

Authentication Format

We support two ways to provide your API key in the request headers:

1. Bearer Token (Recommended)

Include your key in the Authorization header.

Authorization: Bearer YOUR_API_KEY

2. Custom Header

Alternatively, you can use the X-API-KEY header.

X-API-KEY: YOUR_API_KEY

IP Whitelisting

For maximum security, you must whitelist the IP addresses of your servers. Requests originating from non-whitelisted IPs will be rejected with a 403 Forbidden error.

You can manage your whitelisted IPs in the API Settings section of the dashboard.

Base URL

All API requests should be prefixed with the following base URL:

https://api.vtulab.com/v1

API Status Codes

Code	Description
`200`	Success: The request was successful.
`401`	Unauthorized: Invalid or missing API key.
`403`	Forbidden: IP not whitelisted or account restricted.
`422`	Unprocessable Entity: Validation errors in your payload.
`429`	Too Many Requests: Rate limit exceeded.

curl -X GET "https://api.vtulab.com/v1/vtu/data" \
     -H "Authorization: Bearer YOUR_API_KEY"

​API Keys

Live Key

Test Key

​Authentication Format

​1. Bearer Token (Recommended)

​2. Custom Header

​IP Whitelisting

​Base URL

​API Status Codes

API Keys

Authentication Format

1. Bearer Token (Recommended)

2. Custom Header

IP Whitelisting

Base URL

API Status Codes