Authentication
Authenticate your API calls by including your secret key in the Authorization header of every request you make. To get your secret key please go to Bloc Dashboard
When you are testing your integration, only use the
secret keyprovided in the Test Environment. When you are ready to go live, please update your API keys with thesecret keyprovided in the Live Environment.If you do not use the right keys, your API calls will return an error 401. See Status codes below for more on errors.
How to authenticate your API
Authorization headers should be in the following format: Authorization: Bearer SECRET_KEY
Sample Authorization Header
Authorization: Bearer sk_test_6308e29146f951*291b3dd632
About your API keys
Generally, we provide both public and secret keys.
| Environment | Description |
|---|---|
| Secret Key | Secret keys, obviously, are meant to be kept secret. By design, they are responsible for authenticating all transactions and API requests sent from your platform. If for any reason you believe your secret key has been compromised, you can reset them from the dashboard. |
| Public Key | Public keys are meant to be used from your front end when integrating our widget. Basically, public keys cannot modify any changes to your account except for initiating transactions with you. |
Do not use your secret key in client-side code or include it in any part of public code.
Updated 6 months ago