Logo

Prana Connect

Prana ConnectGetting StartedAuthentication

Authentication

API keys, environments, and safe request signing patterns

Prana Connect uses bearer tokens for server-to-server requests.

Bearer Token

Send your API key in the Authorization header:

Authorization: Bearer <PRANA_API_KEY>

Environments

  • Sandbox: Use for development and test cases.
  • Production: Use for real transactions.

Never reuse production keys in non-production environments.

Idempotency

Use an idempotency key for create/charge-like operations to prevent duplicate payments when retries happen.

Idempotency-Key: <uuid>

Security Notes

  • Store keys in server-side secrets (not in frontend code).
  • Rotate keys and webhook secrets on a schedule.
  • Restrict outbound traffic from your services to known Prana Connect endpoints when possible.

How is this guide?

Last updated on

Quickstart

Get a hospital system integrated with Prana Connect in a few steps

Webhooks

Receive payment status updates reliably and verify authenticity

On this page

Bearer Token
Environments
Idempotency
Security Notes