🔑 API Keys Setup Guide

Manage your Africa Railways API credentials

Security Warning: These API keys are sensitive credentials. Never share them publicly, commit them to git, or expose them in client-side code.

Generate New API Keys

Generate a new set of API keys for your application. Old keys will remain active for 7 days after generating new ones.

Keys are generated securely and encrypted

Your API Keys

You haven't generated any API keys yet.

Click "Generate New API Keys" above to create your first keys.

Setup Checklist

Add your API keys to these locations:

1 Add to GitHub Secrets

Steps:

  1. Go to your repository settings
  2. Navigate to Settings → Secrets → Actions
  3. Click "New repository secret"
  4. Add RAILWAYS_API_KEY with your key value
  5. Add AFRICOIN_API_KEY with your key value

Verify with CLI:

gh secret list --repo mpolobe/africa-railways

2 Add to Vercel Environment Variables

  1. Go to Vercel Dashboard
  2. Select your project (africa-railways)
  3. Go to Settings → Environment Variables
  4. Add both API keys for all environments
  5. Redeploy your backend

3 Test Your Setup

Test API Connection:

# Test Railways API key
curl -H "Authorization: Bearer YOUR_RAILWAYS_KEY" \
     https://africarailways.com/api/health

# Test Africoin API key  
curl -H "Authorization: Bearer YOUR_AFRICOIN_KEY" \
     https://africarailways.com/api/health

Valid keys return 200 OK. Invalid keys return 401 Unauthorized.

Security Best Practices

✅ Do ❌ Don't
Keep keys in environment variables Commit keys to git
Rotate keys every 90 days Share keys publicly
Use HTTPS only Log keys in backend
Monitor API usage Hardcode keys in source

Need Help?

Contact our developer support team:

WhatsApp api@africarailways.com