Authentication

The Secure Payments API will look for two specific headers to authenticate your request: Authorization and Secret.

To view your authentication information, navigate to Settings > Company > Merchant > Secure Payments within your account.

🔑

Please note that your Secure Payments authentication information expires every 90 days.

Here is a breakdown of the required headers:

1. The Authorization header refers to the "Token" section of your Secure Payments authentication information. This token is long, so make sure you copy the whole thing when using it in a REST or HTTP client.

2. The Secret header refers to just that—the "Secret" section of your authentication information. This token is a little shorter; however, double-check you have it right when you copy this one, too.

Your completed headers will look something like this (just with full tokens instead of shortened ones):
Authorization: ZkZQSlo4dWdxanU0eW5ZNHNrTlQ3Zz09LkFRSURBSGpVakZZN2xySFRSRVhEU...
Secret: AQIDAHjUjFY7lrHTREXDSHYcKtz...

For more information regarding credentials, take a look at our Secure Payments Credentials Management article.