Merchant Login

Authentication

Servinux V2 utilizes **Bearer Token** authentication to secure API requests. Your Secret Key serves as a unique cryptographic identifier for your merchant account. In V2, providing this token allows our engine to automatically resolve your merchant identity, eliminating the need for hardcoded IDs in your request payloads.

Security Requirement

**Never** share your Secret Key or commit it to version control systems. Authentication must always be performed from your **server-side** (Backend) code. Including these keys in mobile app frontends or client-side JavaScript will lead to immediate account compromise.

The Authorization Header

All V2 API requests must include the Authorization header with the prefix Bearer.

Header Key Authorization
Header Value Bearer sk_live_your_secret_key

V2 Implementation (cURL)

Request Example 
curl -X GET "https://merchant.servinux.com/v2/index.php?action=get_banks" \
  -H "Authorization: Bearer sk_test_8c66e7ca07c23f03918709c4..." \
  -H "Content-Type: application/json"

Valid Token

The platform automatically resolves your merchant ID and returns a 200 OK response.

Invalid Token

If the key is malformed or missing, the server returns 400 Bad Request with an unauthorized message.

Key Environment Logic

The Finovo V2 Engine automatically switches between **Sandbox** and **Production** environments based on the key prefix used:

  • sk_test_ Routes requests to the Squad Sandbox environment. No real funds move.
  • sk_live_ Routes requests to the Production banking rails. Real funds are processed.