We support three kinds of authentication:

  • API key

  • Bearer token (no refresh token)

  • Basic flow

Merchants enter their authentication key when they first activate your integration.

API key

You can have the merchant’s API key as a header or a query parameter. You can configure the field name, and add multiple headers if you need them.

If you need merchants to enter an additional authentication parameter like their username and password, you can add those by creating settings and using the variable as the value.

Bearer token

We will automatically attach an Authorization header to your requests. We will add the merchant’s key after "Bearer". We can only support bearer tokens that don’t expire, and we don’t support refresh tokens yet.

Authorization: Bearer YW5keTpjYXJnaW5keTpjYXJnaWxs

Basic flow

We will automatically attach an Authorization header to your requests. We will add the merchant’s key after "Basic".

Authorization: Basic YW5keTpjYXJnaWxs

Let’s take a look at creating settings now.

Did this answer your question?