Secret Key Management

The One-Step Payment (OSP) is the simplest method for purchases using AppCoins. To implement it, the developer must create a URL with the payment information.

When implementing One-Step Payment, it is advised that the process is done with server-side validation because it is safer (to know more about this, click here). In this way, every validation is performed server-side and if the URL is changed/damaged, our services will reject it.

For extra security of the URL and to validate if its content has not been tampered with, the developer should include the signature parameter in the URL, this parameter is necessary for the server-side implementation. To do this, a secret key is required, which is generated in the developer console by the developer.

To obtain the secret key, you need to access My Apps and then click on the top right corner of the page to go to the Secret Keys menu.

There, you will be able to manage all your secret keys. You can have as many as you want, deactivate and activate as you wish, and delete and make as many new ones as you see fit.

When you generate a new key, all you need to do is:

  • click on Generate New Key;
  • choose a Title/Name for the key you are generating (or leave the default which is the timestamp of creation);
  • and click Generate.

After generating, save your secret key by copying and pasting it somewhere into a document you can save.


Always save your secret key after generating it

Please note that after clicking on Got It, you won't be able to see this secret key again.


Can I have more than one secret key active at the same time?
Yes. You can have as many secret keys as you want active simultaneously.

If I generate a new secret key, will deactivate or delete any previous key that I have?
No. They will all remain the same and you can have multiple secret keys active at the same time.

What happens if I have a secret key on my app with OSP and I accidentally delete the secret key on the console?
If you accidentally delete a secret key, purchases will stop working on the app that is using the now-deleted secret key.

Can I use the same secret key in multiple apps, or is it one secret key per app?
That is your choice. You may only generate one secret key and use that for all your apps, or, you can generate several and use them however you like throughout all your apps.

If I lose my secret key after generating it, can I see it again?
No. After generating the secret key, you need to save it and never lose it, otherwise, you won't have access to it again and will have to generate and use a new secret key.