Developer Quickstart

Authentication and Authorization

Jenga Payment Gateway supports the OAuth 2.0 Authentication Framework, requiring you to provide a username and password, as well as an API key that you generate on Jenga HQ part of HTTP Basic Authentication to generate a Bearer token.

Once you have a token you can make subsequent requests to initiate payments, check completed transactions and more.

Below is a guide on how to generate your token and put it to use.


By default, all requests that are sent to Jenga Payment Gateway have to be authenticated using your account's API keys. This key is associated to your Jenga HQ account.

Every account will have two API keys: one for testing and one for running live transactions, available for you to view on your Jenga HQ dashboard. Our guides and reference documentation show sample credentials for you to use and try out. When you're logged in to Jenga HQ you will populate the parameters with your own test API keys for your website or application.


Keep Secrets Secret

Only load your API keys as environment variables and do not share your credentials to anyone over email or any other method of communication.

Once you have logged in to Jenga HQ, navigate to the API Keys page under the Developers section by selecting from the left hand navigation and tap on the button "Generate New Keys".

A set of credentials will be revealed - among which is the API Key which you can copy and store securely elsewhere.

When you navigate away from this page you will not see the credentials again until you tap on the "View Keys" button again.


Lost your API Key?

Not to worry - you can generate the same set of credentials again.

Alternatively, if you want to generate a new API key and credentials, you can do so by tapping on the "Generate New Key" button.

Bearer Token

To generate your Bearer token, you'll need your username, password and the API Key that you will pass in the Authorization header of your request.

Here's an example request and response that you'll get when you call the Get Your JengaPGW Access Token API.

POST /token HTTP/1.1
Authorization: Basic WDZZMlVvbloyQkdsVTBDSEpHb3FmSHJmVTBzZXo4Ym06R3pocmptWUtqUm4ySFRXeQ==
Content-Type: application/x-www-form-urlencoded
POST /{generate token API endpoint}
Authorization = api key (example: QXhqbXRVY3VBTWlTanREMHlRb3lwMjdHOXN2MGt6RXQ6OVdkZ1V==)

username = username on Jenga HQ > Developers > Merchant Code
password = password on Jenga HQ > Developers > API Key
grant_type = will always be > password

You'll get a response back with your Bearer token (Bearer payment-token).

200 OK

    "status": "success",
    "payment-token": "6UcF78hyktlXFRSu5t6KpHf6h3Uw",
    "notification-secret": "90cf16795530feb1635043d9e227333b"