API keys
This topic describes API keys and how to use them in Rebilly.
The following key types are available:
- Secret key: Use to authenticate requests on a server. By default, secret keys can be used to perform any API request without restriction. Secret keys must be kept secret and stored securely in the server-side code of your web or mobile application.
- Publishable key: Use to tokenize payment information in your client-side code. Publishable keys are publicly accessible in a web browser or mobile application. Publishable keys are mainly used to create tokens, which are a representation of a payment source that hides sensitive information.
API key format
API keys use the following format: type_environment_tokenizedPayload
Type of key | Example |
---|---|
Secret key in the sandbox environment | sk_sandbox_K7W_ZG1OvxkXmtDx2kaE39IN2YZF0INVcqsdgXl |
Publishable key in the live environment | pk_live_CaDB_u9Jb6JeeaR_p811KmwiGTyJOmg1WInsmuo |
Manage API keys
This section describes how to manage API keys.
Create an API key
Use this process to create new API keys.
-
In the left navigation bar, click
.
- In the Development section, click API keys .
- In top right of the screen, click Create API key .
- In the API key name field, enter a recognizable name for the key.
- In the API key type section, select Secret or Publishable .
- Optionally, in the Select organizations dropdown, select an organization to associate with the key.
-
Optionally, in the
Allowed IPs
field, enter a list of IP address that are permitted to use the API key.
Note: Leaving Allowed IPs field empty allows all IP addresses. - Click Save API Key to store API key.
Obtain an API key
Use this process to view and obtain API keys.
-
In the left navigation bar, click
.
- In the Development section, click API keys .
-
In the API keys table, under the
Key
column, click
.
Obtain a publishable API key
Use this process to obtain a publishable API key. This key is required to interact with the Rebilly API.
-
In the left navigation bar, click
.
- In the Development section, click API keys .
-
Optionally, if you have not created a publishable key:
- In top right of the screen, click Create API key .
- In the API key type section, select Publishable , then complete the form and click Save API key .
- Go back to the API Keys page.
- Select a publishable key and copy the Key value.
Edit or delete an API key
Use this process to edit or delete an API key.
warning
Key deletion is permanent.
-
In the left navigation bar, click
.
- In the Development section, click API keys .
-
Select from the following:
-
Edit an API key:
- In the API keys table, under the Name column, click an API key.
- Edit the API key, then click Save API key .
-
Delete an API key: In the API keys table, on the right of an API key, click
.
-
Edit an API key:
Associate keys with organizations
To ensure that an API request is handled by the intended Rebilly account, always include the organizationId
in the request URL. API keys are associated with the user who creates them. In Rebilly, a user may be a member of one or more organizations, and may also join or leave organizations. Example: https://api-sandbox.rebilly.com/organizations/{organizationId}/customers
.
To associate an API key with an organization, when you create or edit a key, in the Select organizations dropdown, select an organization. For more information, see Create an API key or Edit an API key.