API keys- Copy for LLMCopy page as Markdown for LLMs
- View as MarkdownOpen this page as Markdown
- Open in ChatGPTGet insights from ChatGPT
- Open in ClaudeGet insights from Claude
- Copy for LLMCopy page as Markdown for LLMs
- View as MarkdownOpen this page as Markdown
- Open in ChatGPTGet insights from ChatGPT
- Open in ClaudeGet insights from Claude
This topic describes API keys and how to use them in Rebilly.
The following key types are available:
- Secret key: Use to authenticate requests on a server. By default, secret keys can be used to perform any API request without restriction. Secret keys must be kept secret and stored securely in the server-side code of your web or mobile application.
- Publishable key: Use to tokenize payment information in your client-side code. Publishable keys are publicly accessible in a web browser or mobile application. Publishable keys are mainly used to create tokens, which are a representation of a payment source that hides sensitive information.
When interacting with the Rebilly API, you use your organization ID and secret key to authenticate requests. This CURL request describes how to authenticate a request using a secret key. To obtain your secret key, seeObtain a secret key. To obtain your organization ID, seeObtain an organization ID.
curl 'https://api-sandbox.rebilly.com/organizations/your_organization_id' \-H'REB-APIKEY: your_secret_API_key'API keys use the following format:type_environment_tokenizedPayload
| Type of key | Example |
|---|---|
| Secret key in the sandbox environment | sk_sandbox_K7W_ZG1OvxkXmtDx2kaE39IN2YZF0INVcqsdgXl |
| Publishable key in the live environment | pk_live_CaDB_u9Jb6JeeaR_p811KmwiGTyJOmg1WInsmuo |
This section describes how to manage API keys.
Use this process to create new API keys.
- In the left navigation bar, press Automations.
- In theDevelopment section, pressAPI keys.
- In top right of the screen, pressCreate API key.
- In theDescription field, enter a recognizable name for the key.
- In theType section, selectSecret orPublishable.
- Optionally, in theOrganizations dropdown, select an organization to associate with the key.
- Optionally, in theAllowed IPs field, enter a list of IP address that are permitted to use the API key.
Note: LeavingAllowed IPs field empty allows all IP addresses. - PressSave API Key to store API key.
Use this process to view and obtain API keys.
- In the left navigation bar, press Automations.
- In theDevelopment section, pressAPI keys.
- In the API keys table, under theKey column, press Copy.
Use this process to obtain a publishable API key. This key is required to interact with the Rebilly API.
- In the left navigation bar, press Automations.
- In theDevelopment section, pressAPI keys.
- Optionally, if you have not created a publishable key:
- In top right of the screen, pressCreate API key.
- In theDescription field, enter a recognizable name for the key.
- In theType section, selectPublishable.
- Optionally, in theOrganizations dropdown, select the organizations that can use the API key.
- Optionally, in theAllowed IPs field, enter the IP addresses that are permitted to use the API key.
- PressSave API key.
- Go to the API keys page.
- Select a publishable key and copy theKey value.
Use this process to obtain a secret key.
- In the left navigation bar, press Automations.
- In theDevelopment section, pressAPI keys.
- Optionally, if you have not created a secret key:
- In top right of the screen, pressCreate API key.
- In theDescription field, enter a recognizable name for the key.
- In theType section, selectSecret.
- Optionally, in theOrganizations dropdown, select the organizations that can use the API key.
- Optionally, in theAllowed IPs field, enter the IP addresses that are permitted to use the API key.
- PressSave API key.
- Go to the API keys page.
- Select a secret key and copy theKey value.
Use this process to edit or delete an API key.
Key deletion is permanent.
In the left navigation bar, press Automations.
In theDevelopment section, pressAPI keys.
Select from the following:
Edit an API key:
- In the API keys table, under theName column, press an API key.
- Edit the API key, then pressSave API key.
Delete an API key: In the API keys table, on the right of an API key, press Delete.
To ensure that an API request is handled by the intended Rebilly account, always include theorganizationId in the request URL. API keys are associated with the user who creates them. In Rebilly, a user may be a member of one or more organizations, and may also join or leave organizations. Example:https://api-sandbox.rebilly.com/organizations/{organizationId}/customers.
To associate an API key with an organization, when you create or edit a key, in theOrganizations dropdown, select an organization. For more information, seeCreate an API key orEdit an API key.