--- type: "faq" title: "Frequently Asked Questions | Eko Platform Services API" description: "Answers to common questions about integrating Eko's APIs — getting started, authentication, SDKs and AI tooling, sandbox testing, response times, billing, error handling, versioning, and data privacy & compliance." canonical: "https://eps.eko.in/faq" --- > **Canonical URL:** https://eps.eko.in/faq > This is a machine-readable Markdown version of the page for AI agents and LLMs. The primary (HTML) version lives at the canonical URL above. # Frequently Asked Questions Common questions about integrating Eko's APIs, across all products. ### How do I get started? Sign up on Connect App, submit the required documents, integrate the REST API using our sandbox environment, and go live. Also see: [Developer docs](https://eps.eko.in/docs) · [Sign up](https://eps.eko.in/signup) ### What are the different ways to integrate with Eko? Integrate in whichever way suits your stack: call the REST APIs directly, use our official SDKs (JavaScript and PHP) to skip request-signing boilerplate, or let an AI coding agent build the integration using our MCP server and skills. See the Developers and AI sections for each path. Also see: [SDKs & developer docs](https://eps.eko.in/docs) · [Integrate with AI](https://eps.eko.in/ai) ### How does API authentication work? Each request carries your static `developer_key` header plus a per-request `secret-key` header — an HMAC-SHA256 signature of the current timestamp, keyed by your access key. The access key itself is never sent over the wire. You receive UAT keys on signup and production keys after KYC. Also see: [How auth works](https://eps.eko.in/docs/how-auth-works) ### Is there a sandbox environment for testing? Yes. A full sandbox environment is available immediately on signup. You can test your integration end-to-end before going live — no commitment required. Also see: [Get started](https://eps.eko.in/docs) ### What are the sandbox and production base URLs? Sandbox and production share the same paths and differ only by base URL: use https://staging.eko.in/ekoapi/v3 for UAT / Sandbox, and https://api.eko.in/ekoicici/v3 for Production. A common cause of failures is calling the sandbox/staging URL with live credentials (or vice-versa) — make sure the base URL matches the keys you are using. Also see: [Get started](https://eps.eko.in/docs) · [How auth works](https://eps.eko.in/docs/how-auth-works) ### Do I need to whitelist my server IP? Production API access may require your static public (server) IP to be whitelisted. If your calls work from Postman but fail or time out from your own server, share your static public IP with us so we can whitelist it. Also see: [Developer docs](https://eps.eko.in/docs) ### What response times can I expect? Most verification APIs return in real time with sub-second responses, and 99th-percentile latency stays under two seconds across verification endpoints. Transaction APIs (DMT, AePS, BBPS) respond within seconds. ### Can the API handle high volumes? Yes. The API is designed to handle large-scale volumes reliably without performance degradation. ### How is API usage billed? Usage is billed per successful API call with no minimum commitment. Volume-based pricing tiers are available — contact our team for detailed rates. Also see: [Pricing & calculator](https://eps.eko.in/pricing) ### How are errors and failures reported? Every response includes a status code and a human-readable message. Failed requests return specific error codes indicating the reason, so you can handle each case programmatically. Also see: [Error codes reference](https://eps.eko.in/docs/error-codes) ### How does API versioning work? Eko APIs are versioned in the base path (currently v3). Sandbox and production share the same paths and differ only by base URL. Also see: [Developer docs](https://eps.eko.in/docs) ### What data privacy and compliance standards does Eko follow? Eko follows applicable RBI and data-protection guidelines for its regulated banking and KYC services. Aadhaar-based KYC is performed only with explicit customer consent. ### How do I report an integration issue? Share the complete request and response so we can debug quickly: the full curl (including headers), the response body, the timestamp, and your initiator_id, user_code and client_ref_id. Issues raised with these details are resolved much faster. ### Are there any common integration gotchas to know? Two frequent ones: client_ref_id must be at most 20 characters, and the JSESSIONID cookie that Postman adds automatically is harmless — it has no effect on the API and can be safely ignored. To get started, fill the form at https://eps.eko.in/signup (with your name, mobile number and email) or call us at +919513181707 [Site index](https://eps.eko.in/index.md): Full list of API products, industries, and solution packs