Authentication

The Change API is authenticated using public and secret keys. Sign up for a Change account to get your keys.

You have four keys; two test keys and two production keys. Test keys contain _test, and production keys contain _live.

Key PrefixDescription
pk_testā€¦Your public key for testing.
sk_testā€¦Your secret key for testing.
pk_liveā€¦Your public key for production. Donations made with this key will be billed.
sk_liveā€¦Your secret key for production. Donations made with this key will be billed.

Authentication is perfomed with HTTP Basic Auth. Most HTTP clients have built-in Basic Auth. Here are some examples (If youā€™re logged in with your Change account, your test keys will be auto-filled):

JavaScript

const encodedCredential = btoa('YOUR_PUBLIC_KEY' + ':' + 'YOUR_SECRET_KEY');
fetch(endpoint, {
headers: {
'Authorization': 'Basic ' + encodedCredential,
}
})

http.get(endpoint, { auth: 'YOUR_PUBLIC_KEY:YOUR_SECRET_KEY' });

Ruby

req.basic_auth 'YOUR_PUBLIC_KEY', 'YOUR_SECRET_KEY'

HTTParty.get(endpoint, basic_auth: {
username: 'YOUR_PUBLIC_KEY',
password: 'YOUR_SECRET_KEY'
})

Python

requests.get(endpoint, auth=('YOUR_PUBLIC_KEY', 'YOUR_SECRET_KEY'))

Or, use a header

Alternatively, you can authenticate manually using the Authorization header. Set the following header on your requests:

Authorization: Basic YOUR_ENCODED_CREDENTIAL

Your encoded credential is calculated like this, which you can run in your terminal:

printf 'pk_...:sk_...' | base64
Made with ā¤ in San Francisco | Changelog | Status