When you create your API client via the Dashboard, you are given a Client ID and Client Secret, both of which are needed to authenticate calls to our API.
Your Client Secret is generated and shown once when you create a new API client and cannot be shown again, so please make a copy of it. It can be used to initiate payments, so be sure to keep your Client Secret secure: do not make it publicly visible, for example by committing it to GitHub, deploying it in client-side code, etc.
Authenticating an API request
To authenticate calls to our API, set the Authorization header to “Basic ” + the Base64 encoding of the string ”clientSecret”.
For example, if your Client ID were key and your Client Secret were secret, your requests should contain the header:
Authorization: Basic a2V5OnNlY3JldA==