Getting started
Authentication
Authenticate requests with API keys and Bearer tokens.
Bearer tokens
All requests are authenticated with an API key passed as a Bearer token. Use sandbox keys (sk_test_…) during development and production keys (sk_live_…) once you promote.
http
Authorization: Bearer sk_test_8f3k29ab1c4d5e6f
Content-Type: application/jsonKey management
Rotate keys from your dashboard. Compromised keys can be revoked immediately and MFA is required for any production-scope mutation.