Authentication

The NowRamp Onramp API is designed for simplicity — most endpoints are public and don’t require an API key.

Onramp API (Public)

All Onramp API endpoints (/public/v1/onramp/*) are public. Pass your projectId as a query parameter or in the request body:

// No API key needed
const quotes = await fetch(
  'https://api.nowramp.com/public/v1/onramp/quotes?projectId=your_project_id&fiatCurrency=USD&cryptoCurrency=ETH&network=ethereum&fiatAmount=100'
).then(r => r.json());

Optional: Public Key for Higher Rate Limits

By default, public endpoints are rate-limited to 60 requests per minute. To increase this to 1000 requests per minute, include a public key (pk_) in the X-API-Key header:

curl "https://api.nowramp.com/public/v1/onramp/quotes?projectId=YOUR_PROJECT_ID&fiatCurrency=USD&cryptoCurrency=ETH&network=ethereum&fiatAmount=100" \
  -H "X-API-Key: pk_live_your_public_key"

Public keys (pk_) are safe to use in frontend code.

API Key Types

Key Prefix	Type	Usage
`pk_live_`	Public Key (Live)	Frontend — optional, for higher rate limits
`pk_test_`	Public Key (Test)	Frontend — sandbox environment
`sk_live_`	Secret Key (Live)	Backend only — partner dashboard operations
`sk_test_`	Secret Key (Test)	Backend only — sandbox

Secret keys (sk_) must never be exposed in client-side code. They are only needed for partner dashboard operations (webhook management, API key rotation, etc.), not for the Onramp API.

Getting Your Keys

Log in to your Partner Dashboard
Navigate to Settings > API Keys
Copy your project ID and public key

See the Partner Dashboard guide for more details.

Environments

Environment	Key Prefix	API URL
Production	`pk_live_` / `sk_live_`	`https://api.nowramp.com`
Sandbox	`pk_test_` / `sk_test_`	`https://api.sandbox.nowramp.com`

Security Best Practices

Store Keys in Environment Variables

# .env (never commit this file)
NEXT_PUBLIC_NOWRAMP_PROJECT_ID=your_project_id
NEXT_PUBLIC_NOWRAMP_PUBLIC_KEY=pk_live_abc123xyz789

const api = new RampApi({
  projectId: process.env.NEXT_PUBLIC_NOWRAMP_PROJECT_ID,
  apiKey: process.env.NEXT_PUBLIC_NOWRAMP_PUBLIC_KEY  // Optional
});

Key Rotation

Rotate your API keys periodically via the Partner Dashboard:

Go to Settings > API Keys
Click Roll next to the key
Update your application configuration
The old key remains valid for 24 hours (grace period)

Error Codes

Error Code	HTTP Status	Description
`INVALID_API_KEY`	401	API key is invalid or revoked
`RATE_LIMIT_EXCEEDED`	429	Too many requests — add a `pk_` key or implement backoff

Next Steps

Onramp API — Full endpoint documentation
Callback URLs — Set up transaction notifications
Partner Dashboard — Manage keys and configuration

Getting Started

Guides

Resources

Authentication

Authentication

Onramp API (Public)

Optional: Public Key for Higher Rate Limits

API Key Types

Getting Your Keys

Environments

Security Best Practices

Store Keys in Environment Variables

Key Rotation

Error Codes

Next Steps

Getting Started

Guides

Resources

​Authentication

​Onramp API (Public)

​Optional: Public Key for Higher Rate Limits

​API Key Types

​Getting Your Keys

​Environments

​Security Best Practices

​Store Keys in Environment Variables

​Key Rotation

​Error Codes

​Next Steps

Authentication

Onramp API (Public)

Optional: Public Key for Higher Rate Limits

API Key Types

Getting Your Keys

Environments

Security Best Practices

Store Keys in Environment Variables

Key Rotation

Error Codes

Next Steps