What this article covers
Use this article when you want to:
Create an application inside a workspace (Android, iOS, and optionally Web)
Generate API keys and client secrets for your integration
Understand what to do with the keys afterwards
Each set of keys is scoped to a single workspace and a specific app/platform (Android, iOS, Web).
Before you start
You’ll need:
An active workspace already created in Gatekeeper
The application identifiers for each platform:
Android package name (e.g. com.gotkingsroad.app)
iOS bundle ID (e.g. com.gotkingsroad.app.ios)
A secure place to store secrets (password manager, env vars, secret manager, etc.)
🔐 Important
Client secrets are shown only once. Ensure that you copy and store them securely throughout the process.
Step 1 – Open the Generate API Keys flow
You can start from any of these places:
Home → Setup guide
On the Home page, in the Setup guide, find Get your API key(s).
Click Generate API Keys.
Home → Workspace card
On the Home page, under Start building or workspace information, click the badge No API Keys or the call-to-action for your workspace.
Settings → API Keys
In the left sidebar, click Settings.
Under Administration, click API Keys → Manage API Keys.
All three options lead you to the same place:
Workspace: <Workspace Name> with a button Generate API Keys.
Step 2 – Choose platforms and provide identifiers
Click Generate API Keys.
In the Generate API Keys for <Workspace> dialog:
Tick the platforms you want to configure now:
Android
iOS
Web (available in Enterprise plan)
For each selected platform, fill in:
Package Name (Android) or Bundle ID (iOS)
Example:
com.klyropay.android,com.klyropay.ios
When everything looks correct, click Generate API Keys.
Step 3 – Copy and store your client secrets
After generation, a Client Secrets Generated dialog appears:
You’ll see Android Client Secret and/or iOS Client Secret (and Web if enabled).
Each secret has a copy button to help you copy it.
These are sensitive credentials:
Store them securely (environment variables, secret manager, etc.).
Do not hard-code them in your mobile or web app.
Server-side components that talk to Gatekeeper should use these secrets.
Step 4 – Confirm acknowledgement
To make sure you’ve stored the secrets safely:
Click I’ve Stored These Securely.
A confirmation dialog appears, asking you to type I UNDERSTAND.
Type I UNDERSTAND exactly as shown and click Confirm.
After this step, the secrets will no longer be visible in the UI.
If you lose them, you’ll need to rotate/regenerate the keys.
Step 5 – Review your generated API keys
You’re returned to the Workspace: <Workspace Name> view, now showing cards for each platform:
Android API Key
iOS API Key
WEB API Key (if applicable)
Each card includes:
API Key – the identifier your app uses to talk to Gatekeeper
API URL – endpoint base URL for SDK and server calls
App ID – the package/bundle ID you provided
Additional Details (expandable):
Server API Key
Client ID
Client Secret (marked as “Securely Stored”)
OAuth2 Token Endpoint and other metadata
A Created timestamp and a Delete API Key button (for rotation).
How to confirm everything is set up correctly
You’ve successfully configured your application when:
A green banner at the top says “API keys generated successfully for: Android, iOS” (or the platforms you chose).
The No API Keys badge is gone, and you see platform cards under Workspace: <Workspace Name>.
The Setup guide step Get your API key(s) is marked as completed on the Home page.
What’s next?
After generating keys, you can:
Plug the API URL, API key and app identifiers into your mobile and backend configuration.
Follow the platform-specific guides:
Android SDK integration
iOS SDK integration
Web SDK integration (Enterprise)
Configure policies and rules for this workspace to control how fraud is detected and handled.
If you’re unsure which keys to use where (server vs client, staging vs production), contact us via the in-app chat and share your architecture — we can help you pick a safe setup.