Payable's API uses two types of authentications to authorise requests, API keys and OAuth2.
API keys are used for API to API integration, while the OAuth2 authentication mechanism interacts with the Payable Dashboard and, therefore, our API.
Please be aware that your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, or others.
Authentication to the API always needs to be via HTTPS. Provide your API key under the X-Api-Key header or JWT as a Bearer under the Authorisation header.
API key example
curl --location --request GET 'https://api.payable.co/' \
--header 'Content-Type: application/json' \
--header 'X-Api-Key: live_<valid-key>'
Bearer example
curl --location --request GET 'https://api.payable.co/' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer a-valid-token'