Follow these guidelines to build a secure, reliable, and maintainable integration.Documentation Index
Fetch the complete documentation index at: https://developer.quickei.io/llms.txt
Use this file to discover all available pages before exploring further.
Security
Always use HTTPS
All API requests must use HTTPS. HTTP requests will be rejected.
Protect your keys
Store API keys in environment variables or a secrets manager. Never commit them to version control.
Verify webhooks
Always validate the
X-Quickei-Signature header before processing webhook events. See Webhooks.Rotate credentials
Regenerate your API keys periodically and after any suspected compromise.
Reliability
Use idempotency keys
Include a unique
idempotency_key when creating orders to prevent duplicate transactions if a request is retried.Implement retry logic
Use exponential backoff for transient errors (429, 5xx). Start with a 1-second delay and double it on each retry, up to a maximum of 30 seconds.
Handle token expiry
Access tokens expire after 10 minutes. Implement automatic token refresh before expiry rather than waiting for a 403 error.
Monitoring
- Log all API responses — including successful ones — for debugging and audit trails
- Monitor webhook delivery — set up alerts for failed webhook deliveries
- Track response times — detect degradation early
- Set up health checks — periodically call a lightweight endpoint to verify connectivity
The Quickei API enforces a rate limit of 60 requests per minute on the POS API. Design your integration to stay well within this limit during normal operations.