Authentication

Authentication is via API Key using your Secret key as value and X-Authorization as key in your header. You can view and manage these keys on the settings page of your account dashboard.

Test mode secret keys have the prefix sk_test_ and live mode secret keys have the prefix sk_live_.

API keys

Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail with the status code 401: Unauthorized.

Sample Authorization Header

X-Authorization: sk_test_dkdiekd4548dkkewqzxv