The Paytree API authenticates requests using API keys, which you can view and manage in your back office.
Since your API keys grant access to sensitive functions, it’s important to keep them secure. Never expose your secret API keys in publicly accessible areas like GitHub, client-side code, or similar locations.
All API requests must be made over HTTPS. Requests sent via plain HTTP will be automatically redirected to HTTPS. Additionally, any requests without proper authentication will fail.
How to authenticate
All requests should have an Authorization header followed by Token and your API key. For example.
