> For the complete documentation index, see [llms.txt](https://docs.tutelar.io/tutelar-api-document/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.tutelar.io/tutelar-api-document/tutelar-api-document-v2/introduction.md). # Introduction ### **Tutelar provides single environment to access all available apis** Base URL : | Keys | Description | | ---- | ---------------------------------------------------------------------------------------- | | Test | This key enabled for developers to test transactions, merchant onboarding and other apis | | Live | This key enabled for production access. | ### How to generate your API Secret keys? **Step 1:** Go to the Tutelar client panel and then Select **API Credentials** under **Security Settings.** In the API settings page, you can generate your API keys and use it.

**Step 2:** On the API credentials page click on the Generate key

**Step 3:** By clicking on the Generate key it will open a popup.

**Step 4:** Once the popup opens, you need to enter the Label name. After that you need to Select Which Product you want to generate API Keys. By default, Expiry Time is set at 6 months, however it can be changed. After giving the respective mode and password the keys will get generated.

**Step 5:** To view the API key and Secret key click on the "API key" button on the API credential page.

### How to add IP whitelisting? **Step 1:**Go to the Tutelar client panel and then Select **IP Whitelisting** under **Security Settings.** In the IP Whitelisting page, you can add IP address.

**Step 2:** On the Add IP address page, Select User Type, Select User, Select IP Type and Enter the Valid IP Address then Click on submit button.

**Step 3:**By clicking on the submit button IP address has been added successfully.

### Generate Access Token for V2 APIs **Step 1:** Copy the generated **API Key** and **Secret Key** from the API Credentials page.

**Step 2:** Use the generated credentials to call the **Generate Token API**. `POST` **`https://secctrl.tutelar.io/api/generate-token`** #### Post parameters description is given below

Post Parameter	Type	Is Mandatory	Description
username	String	Yes	Your API key to be used as the username
password	String	Yes	Your Secret key to be used as the password

#### Sample Post Parameters ```json { "username": "tutpk_live_KvW8JlooXglb", "password": "tutsk_live_rPpDSThyluyQ20JM8TD2LY9ZJXc8bmyDAyNmFEmc" } ``` {% tabs %} {% tab title="200: Success Response" %} ```json { "success": true, "code": 14032, "message": "Access token generated successfully", "data": { "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnWGxRVndTWTdXWTNTN1pDYkJ6ZURRZEx6M1k5Nm9iOCIsImV4cCI6MTc4MDMxMjYzOSwidHlwZSI6ImV4dGVybmFsIiwibW9kZSI6ImxpdmUiLCJwcm9kdWN0Ijp7ImlkIjoiWGZ1emgxWGxEIiwibmFtZSI6Ik1lcmNoYW50IFByb3RlY3QiLCJjb2RlIjoibWVyY2hhbnRfcHJvdGVjdCJ9LCJpYXQiOjE3ODAzMDk5Mzl9.Y2hhbnRfcHJvdGVjdCJ9LCJpYXQiOjE3ODAzMDk5Mzl9 ", "refresh_token": "8c4d0ed9f825f98d0759b09195f9ce1fd1dd951653dd459b8bad416d500367de" } } ``` {% endtab %} {% tab title="422: Validation Error Response" %} ```json { "success": false, "code": 14036, "message": "Username and Password should be not empty" } ``` {% endtab %} {% tab title="403: Forbidden" %} ```json { "success": false, "code": 14015, "message": "Client API keys not found" } ``` {% endtab %} {% tab title="401: Unauthorized" %} ```json { "exp": "token expired" } ``` {% endtab %} {% endtabs %} **Step 3:** Copy the generated **Access Token** and include it in the Authorization header while accessing all V2 API. ``` Authorization: Bearer ``` #### Token Expiry Details

Token Type	Expiry Duration
Access Token	45 Minutes
Refresh Token	60 Days

**Step 4:** Once the Access Token expires, use the **`/refresh-token`** API to generate a new Access Token. Use the newly generated Access Token in the **Authorization** header for all subsequent V2 API requests. ### Refresh Access Token If the Access Token expires, generate a new Access Token using the Refresh Token. `POST` **`https://secctrl.tutelar.io/api/refresh-token`** #### Post parameters description is given below

Post Parameter	Type	Is Mandatory	Description
username	String	Yes	Your API key to be used as the username
password	String	Yes	Your Secret key to be used as the password
refresh_token	String	Yes	Your Refresh Token to generate a new access token

#### Sample Post Parameters ```json { "username": "tutpk_live_KvW8JlooXglb", "password": "tutsk_live_rPpDSThyluyQ20JM8TD2LY9ZJXc8bmyDAyNmFEmc", "refresh_token": "8c4d0ed9f825f98d0759b09195f9ce1fd1dd951653dd459b8bad416d500367de" } ``` {% tabs %} {% tab title="200: Success Response" %} ```json { "success": true, "code": 14032, "message": "Access token generated successfully", "data": { "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnWGxRVndTWTdXWTNTN1pDYkJ6ZURRZEx6M1k5Nm9iOCIsImV4cCI6MTc4MDMxMjYzOSwidHlwZSI6ImV4dGVybmFsIiwibW9kZSI6ImxpdmUiLCJwcm9kdWN0Ijp7ImlkIjoiWGZ1emgxWGxEIiwibmFtZSI6Ik1lcmNoYW50IFByb3RlY3QiLCJjb2RlIjoibWVyY2hhbnRfcHJvdGVjdCJ9LCJpYXQiOjE3ODAzMDk5Mzl9.Y2hhbnRfcHJvdGVjdCJ9LCJpYXQiOjE3ODAzMDk5Mzl9 ", "refresh_token": "8c4d0ed9f825f98d0759b09195f9ce1fd1dd951653dd459b8bad416d500367de" } } ``` {% endtab %} {% tab title="422: Validation Error Response" %} ```json { "success": false, "code": 14036, "message": "Username and Password should be not empty" } { "success": false, "code": 14033, "message": "Refresh token should not be empty" } ``` {% endtab %} {% tab title="403: Forbidden" %} ```json { "success": false, "code": 14015, "message": "Client API keys not found" } ``` {% endtab %} {% tab title="401: Unauthorized" %} ```json { "success": false, "code": 14035, "message": "Invalid Refresh Token" } { "success": false, "code": 14035, "message": "Refresh Token Expired" } ``` {% endtab %} {% endtabs %} If the Refresh Token has expired, a new Access Token and Refresh Token pair must be generated using the **`/generate-token`** API. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.tutelar.io/tutelar-api-document/tutelar-api-document-v2/introduction.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.