We use bearer tokens to secure our endpoints, this guide will help you get secure access.
We use secure tokens to enforce authentication on all endpoints. As part of your onboarding, you'll be given a CLIENT_SECRET. This be environment specific, meaning you'll need a different one for Production and for the Sandbox.
In order to authenticate with our RestAPIs, you'll need to add your CLIENT_SECRET to each API request headers as a Bearer token.
You can test this in the API explorer for these endpoints by passing in Bearer <Client_Secret> into the Authentication option for each endpoint. The TestAuth endpoint provides the simplest way of verifying this works correctly.
Without adding this Authentication header, all APIs will return 401 errors
If for any reason you believe your api keys have been compromised, contact the GiveCard team immediately to request new keys and have the old ones disabled.