Updated

Authentication

The Change API is authenticated using public and secret keys. Sign up for a Change account to get your keys.

You have four keys; two test keys and two production keys. Test keys contain _test, and production keys contain _live.

Key PrefixDescription
pk_test…Your public key for testing.
sk_test…Your secret key for testing.
pk_live…Your public key for production. Donations made with this key will be billed.
sk_live…Your secret key for production. Donations made with this key will be billed.

Authentication is perfomed with HTTP Basic Auth. Most HTTP clients have built-in Basic Auth. Here are some examples (If you’re logged in with your Change account, your test keys will be auto-filled):

Ruby

req.basic_auth 'YOUR_PUBLIC_KEY', 'YOUR_SECRET_KEY'
HTTParty.get(endpoint, basic_auth: {
username: 'YOUR_PUBLIC_KEY',
password: 'YOUR_SECRET_KEY'
})

Python

requests.get(endpoint, auth=('YOUR_PUBLIC_KEY', 'YOUR_SECRET_KEY'))

JavaScript

http.get(endpoint, { auth: 'YOUR_PUBLIC_KEY:YOUR_SECRET_KEY' });

Or, use a header

Alternatively, you can authenticate manually using the Authorization header. Set the following header on your requests:

Authorization: Basic YOUR_ENCODED_CREDENTIAL

Your encoded credential is calculated like this, which you can run in your terminal:

printf 'pk_...:sk_...' | base64
Made with ❤ in San Francisco