Skip to main content

Authentication

The Olyn API uses API keys and Organization codes to authenticate requests. You can manage your API keys and Org code in Olyn Developer Portal.

Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth. If you feel as though your API key has been compromised, you can generate a new key at any time.

Authentication to the API is performed via a combination of the X-API-KEY header and the X-ORG-CODE header. Provide both your API key and unique organization code in the headers of all requests to authenticate to the Olyn API.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail will redirect to HTTPS automatically. API requests without authentication will fail.