V1 APIs
9 min
overview this guide provides instructions to create, manage, and use jwt based api keys from the go admin portal , as well as a categorized reference of all supported api endpoints you will need to follow this to use any of the go apis location in portal in the go admin portal, navigate to grants & config > create api keys you will see a screen with a create new button to begin generating a new api key there, you will find the interface to manage api keys for different api categories you can also see list of past generated keys for your reference along with information like rate limits and expiry creating an api key follow these steps to generate a new api key click on the create new button enter a recognizable name for the api key use toggles to select the required api categories auth user management rms management backops user management merchant management merchant misc app specific data uam audit data lead management define the expiry date and time set a rate limit between 1 and 10,000 requests per minute click create the jwt token will be shown only once copy and store it securely token visibility and storage the platform does not allow retrieval of the token after generation for security measures the token is visible only once — at the time of creation ensure secure storage of the token, such as in a password manager or internal key vault treat this token like a password; do not expose it in frontend code, logs, or public spaces using the token in api calls authorization \<token> content type application/json example curl request curl location '/api/v1/backopsusers/checkusernameexist' \\ \ header 'content type application/json' \\ \ header 'authorization \<token>' \\ \ data '{ "realm" "demo", "username" "sampleuser", "caseinsensitive" true }' api categories and endpoints below is a categorized list of supported api endpoints accessible via /api/v1/ auth user management /backopsusers/checkusernameexist /backopsusers/reset password rms management /rms/checkmanagercodeexist /rms/reset password /applications/{applicationid}/rms (get / post) /applications/{applicationid}/rms/{rmsid} (get / patch) backops user management /applications/{applicationid}/backopsusers (get / post) /applications/{applicationid}/backopsusers/{bid} (patch) /applications/{applicationid}/backopsusers/{bid}/{uid} (delete) merchant management /merchants/{merchantid}/data (get) /applications/{applicationid}/merchants (post) /applications/{applicationid}/merchants/{mid}/{bid} (put) merchant misc /merchants/workflow (post) /merchants/{merchantid}/customintegrationlogs (get) /merchants/data (post / delete) app specific data /applications/{applicationid}/allregionbucketsofapplication (get) uam audit data /uamauditdata/rm/getdata (post) /uamauditdata/getdata (post) /uamauditdata (get) lead management /leads/{rmid} (get / post) best practices never share your jwt token publicly scope tokens only to the categories you need rotate tokens periodically — before expiry always use https // for all api interactions avoid embedding tokens in frontend code monitor and enforce rate limits to prevent abuse