Create Account
Authorization

Authenticate every TRUXX HUB API request with your environment key.

TRUXX HUB uses header-based API key authentication through x-api-key. The API first validates that the key is being used against the correct host, then verifies the key and wallet state before the request reaches protected business logic.

Back to get started
Request headerSandbox example
x-api-key: truxx_sk_test_6d0f0e50dc9a428ba54d65d7754b4aec
Testhttps://hub-sandbox-api.truxx.ae
Livehttps://hub-api.truxx.ae

Request authentication

Send your API key in the x-api-key header on each protected request. Key prefixes are inspected before database verification, so live keys are blocked on the sandbox host and test keys are blocked on the live host with 403 Invalid host for API key. 

curl --location 'https://hub-sandbox-api.truxx.ae/api/Trips/get-estimated-price' \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: truxx_sk_test_6d0f0e50dc9a428ba54d65d7754b4aec' \
  --data '{
    "fromLat": 24.4667,
    "fromLng": 54.3667,
    "toLat": 25.2048,
    "toLng": 55.2708,
    "vehicleTypeId": 1,
    "departureTime": "2026-03-18T05:36"
  }'

API key format

TRUXX HUB issues environment-scoped keys using a predictable prefix:

  • truxx_sk_test_xxxxxxxxxxxxxxxxx for sandbox integrations
  • truxx_sk_live_xxxxxxxxxxxxxxxxx for production integrations
  • The raw key is shown only once at creation time
  • Keys can be disabled or revoked at any time

Get your API key

Generate API keys from the TRUXX HUB portal before calling protected endpoints.

Test portalhttps://hub-sandbox.truxx.ae/
Live portalhttps://hub.truxx.ae/
  1. Open the correct TRUXX HUB portal for your target environment
  2. Go to Developers > API Keys
  3. Click Add New
  4. Enter a clear name for the API key so your team can identify its purpose
  5. Create the key and copy the generated value immediately
  6. Store the key securely and use it only with the correct environment host
Important

Please save your API key in a safe place immediately after creation. You will not be able to view it again. Keep it secure, as anyone with your API key can make requests on your behalf. If you lose it, generate a new key.

Common authorization errors

API key is requiredThe request did not include a usable x-api-key header value.
Invalid API keyThe provided key does not match any stored SHA-256 key hash.
API key is inactiveThe key exists but is currently disabled.
API key is revokedThe key can no longer be used and must be replaced.
Invalid environmentThe key environment does not match the target host. The API returns 403 Invalid host for API key.
Wallet not foundNo wallet exists for the account associated with the key.
Insufficient wallet balanceThe wallet exists but does not have enough balance to continue.