Authentication

Secret Key

Authentication can performed using your account secret_key, which can be found on your organization page.

Never share your secret key. If you are concerned your key has been compromised, please contact us right away.

If you would like more than one secret key (e.g. for development environments), please contact us.

Your secret key should only be used for POST requests as part of the request body, never in the query parameters. For non-POST requests, please use another form of authentication.

HTTP Basic Authentication

The API will respond to requests with the HTTP Authorization header set to Basic <encoded value>, where <encoded value> is a Base 64 encoded value of a string with your account API token (found on your organization page) and a secret key on your account in the format of <API token>:<secret key>.

For example, if your API token is token and your secret key is secret, then the header would be set to Basic dG9rZW46c2VjcmV0.

OAuth

The API can be authenticated using a valid OAuth 1.0 request. If you'd like an example, please reach out to Next Tech support.