Authentication

Twala Sign API Authentication provides secure authentication for API access to Twala Sign services.

Your API requests to Twala API must be authenticated using your account's Application UUID and Secret. An authentication error will be returned if either the UUID or secret is not provided or invalid.

Upgrade plan

Any Twala account can upgrade their existing Business and Business Plus plans to obtain API credits. Upon activation, you can now create an app from your Twala Dashboard and it will automatically generate both an Application UUID and Secret for testing to try out Twala API and for running live requests.

Live and test mode

It is possible to access the API in test mode using the Boolean parameter test. Signature requests created in test mode are not legally binding and are watermarked as such.

Application UUID and Secret

Application UUID
This UUID is solely used to identify your account when calling Twala API from the client-side.

Application Secret
The secret key is meant to be kept confidential and only stored on your own servers. Secret key can perform any API requests to Twala without restriction and with access to overall data.

❗️

Never share you secret key

Treat your secret key like your passwords. The best practice is to store it in your server's environment variable and not hardcoded in your codebase. If, for any reason, you believe that your secret key have been compromised, you can regenerate anytime from your Twala dashboard to make the old secret unusable.

Authenticate using your API credentials

To authenticate your API requests, add Twala-Application-Uuid and Twala-Application-Secret as headers and provide your Application UUID and Application Secret respectively.

You can try our API Reference section or use an API tool such as Postman to test your API credentials.