Getting started

Authentication

Authenticate requests with API keys and Bearer tokens.

Bearer tokens

All requests are authenticated with an API key passed as a Bearer token. Use sandbox keys (sk_test_…) during development and production keys (sk_live_…) once you promote.

http
Authorization: Bearer sk_test_8f3k29ab1c4d5e6f
Content-Type: application/json

Key management

Rotate keys from your dashboard. Compromised keys can be revoked immediately and MFA is required for any production-scope mutation.