All Circle APIs use API keys as the mechanism to authenticate client requests.

The API key must be set in the Authorization header of the request sent from your backend server. The format of the header is Bearer YOUR_API_KEY.

The API key should be sent in Base64 encoded format. Note that the API key provided on the Sandbox environment is already Base64 encoded and can be directly used in the headers.

Authorization: Bearer YOUR_API_KEY

API requests without authentication will fail. It is also important to note that all API requests must be made over HTTPS.

Testing Authentication

You can verify your API key is correctly setup by hitting a read endpoint such as the configuration endpoint. Try running the command below to do that.

# Replace ${YOUR_API_KEY} with your API key
curl -H 'Accept: application/json' \
  -H "Authorization: Bearer ${YOUR_API_KEY}" \
  -X GET --url


Successful Response

If you get a successful response, your API key should be correctly set up.


Error Response

If instead you get a response stating your credentials are invalid, you should check that your API key is correct.

What’s Next