Olyn API Authentication

Learn how Olyn API authenticates requests

Introduction

The Olyn API uses API keys to authenticate requests.
Sandbox mode secret keys have the prefix sandbox_ while live mode API keys do not have any.

Your API keys carry many privileges, so be sure to keep them secure! The authentication system has been designed to be a backend service connecting to Olyn API, do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

As Olyn-API is designed around a RESTful API architecture, the API Keys are intended to be used per request, as Olyn API does not store any state.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication or badly configured authentication will also fail.


Authentication Format

The Olyn API checks for Request headers to authenticate and authorize the API request.

{
    "X-API-KEY": "your-api-key",
    "X-ORG-CODE": "your-org-code"
}

You need to provide both fields with the correct values in order to authenticate and authorize the API request, otherwise, you will be thrown a 401 response.


Get API Keys

Learn how Olyn handles errors in the API.

Did this page help you?