Guides & Tutorials
Get Started
Developer Quickstart

Authentication and Authorization

Jenga supports Bearer authentication (also called token authentication) that utilizes JSON web tokens (opens in a new tab). To get your JWT token, you must pass the API keys available from the Jenga Dashboard (opens in a new tab).

Once you have a token, you can make subsequent requests to initiate payments, check completed transactions and more. Just pass this token in the Authorization header like so:

HTTP GET {{your_api_path}}
Accept: application/json
Authorization: Bearer <your_token>

API Keys

After you sign up on Jenga, you will be presented with three API Keys:

  • Merchant Code: This is the primary identifier of your Jenga account. If you require support from the Jenga Support Team, you must provide your merchant code.

  • Consumer Secret: This serves as the secondary identifier of your account and might be used in different cases depending on the product you are consuming; for instance, when encrypting and decrypting data passed to and from Jenga or decrypting response data on successful payment on Checkout.

  • API Key: This is required during authentication ONLY

Jenga offers two account modes:

  • Test Mode: In this mode, you will use simulated processes meaning no real money is involved. This mode allows you to ensure that your integration works and serves as expected. You access our Test Cards, Accounts and Mobile Numbers here

  • Live Mode: You will transact using real money in this mode.

You can easily switch between Live and Test modes by clicking the Switch to test or Switch to Live button on top of the Jenga Dashboard. You will be required to provide auth credentials i.e. email address and password, before switching from one mode to another.

In cases where you have registered on both Live and Test Mode, we recommend using different passwords for the two modes.

Retrieving your API Keys

To retrieve your set of credentials:

  • Log into your Jenga HQ portal (opens in a new tab)
  • Navigate to Settings
  • Select the API Keys and click View Keys. A set of credentials will be revealed, which you can copy and store securely elsewhere.

🚧 Lost your API Key?

Not to worry - you can generate the same set of credentials again.

Alternatively, if you want to generate a new API key and credentials, you can do so by tapping the "Generate New Key" button.

Generate your Bearer token

Now that you have your API Keys ready, let's dive into how to generate your Bearer token on Jenga.

All Jenga APIs are RESTFUL APIS and utilizes JSON as an exchange format, so you will need to pass the Content-Type as application/json. To authenticate on Jenga, you will need to pass two headers: The Content-Type and Api-Key:

Content-Type: application/json
Api-Key: API_KEY_FROM_JENGA_PORTAL

On your request body, you need to pass two mandatory string fields:

  1. merchantCode
  2. consumerSecret
Test URL
https://uat.finserve.africa/authentication/api/v3/authenticate/merchant
Live URL
https://api.finserve.africa/authentication/api/v3/authenticate/merchant
/* POST /authentication/api/v3/authenticate/merchant HTTP/1.1
/* Api-Key: hbWCSNsk61C24HTwI0q9olFgNGsxNP8jfVhLRo0scR...
/* Content-Type: application/json*/
{
  "merchantCode": "0582910862",
  "consumerSecret": "ce0NHpa7ZaxmOFkbEbULABpu412fS4NQa"
}

And the response will look something like this:

// 200 OK
{
  "accessToken": "eyJhbGciOiJSUzUxMiJ9.eyJ0b2tlblR5cGUiOiJNRVJDSEFOVCIsImVudiI...",
  "refreshToken": "ctmB6GJq9Tqbf+Z5neWs/7WGA3S6nHs+VToc0J9eXdLTSVD63BrhDRSCIXu...",
  "expiresIn": "2023-07-13T07:03:02Z",
  "issuedAt": "2023-07-13T06:48:02Z",
  "tokenType": "Bearer"
}

At times you may get errors, don't get stuck. Check out our Error Mappings to assist in troubleshooting your issue