The publishable key enables you to perform one operation only: creating a payment. Thus, you can attach the publishable key to public web forms (e.g., as an HTML hidden field).
The secret key enables you to all kinds of operations available in this documentation. The secret key is powerful and thus it must be kept secret at all times.
Moyasar provides a sandbox environment for testing purposes, Using the test mode doesn't affect your live data or interact with the banking networks. This allows you to test your integration and ensure that everything is working correctly before going live with actual payments.
Test mode publishable keys have the prefix pk_test_ and live mode publishable keys have the prefix pk_live_.
Test mode secret keys have the prefix sk_test_ and live mode secret keys have the prefix sk_live_.
Authentication to the API is performed via HTTP Basic Auth. Provide your API key as the basic auth username value. You do not need to provide a password.
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail. here is an example of the List Payments endpoint in different programming languages