To securely authenticate your API calls, you must include your secret API key in the Authorization header of every request.
Obtaining Your API Key
Your secret API key is a unique identifier that grants you access to the Chowdeck API. Keep it confidential and do not share it publicly. You can find your API key in your Chowdeck Dashboard under the "API Settings" or "Developers" section.
How to Use Your API Key
Include your secret API key in the Authorization header of your HTTP requests using the Bearer scheme.
Header Format:
Authorization: Bearer YOUR_SECRET_API_KEY
Replace YOUR_SECRET_API_KEY with your actual secret key obtained from your dashboard.
Example Request
Here's an example of how you might include your API key in a cURL request:
curl -X GET \
https://api.chowdeck.com/merchant/YOUR_MERCHANT_REFERENCE/orders \
-H 'Authorization: Bearer YOUR_SECRET_API_KEY'Security Best Practices
- Keep your API key secret: Never expose your secret API key in client-side code, public repositories, or unsecured channels.
- Use environment variables: Store your API key as an environment variable rather than hardcoding it directly into your application.
- Rotate keys regularly: Periodically generate new API keys and revoke old ones to minimize the risk of compromise.