When you create your API client via the Dashboard, you are given a Client ID and Client Secret, both of which are needed to authenticate calls to our API.

Keep your Client Secret safe

Your Client Secret is generated and shown once when you create a new API client and cannot be shown again, so please make a copy of it. It can be used to initiate payments, so be sure to keep your Client Secret secure: do not make it publicly visible, for example by committing it to GitHub, deploying it in client-side code, etc.

Authenticating an API request

To authenticate calls to our API, set the Authorization header to Basic and then the Base64 encoding of the string $clientId:$clientSecret.

For example, if your Client ID is “key” and your Client Secret is “secret”, your requests should contain the header:

Authorization: Basic a2V5OnNlY3JldA==

Rate limits

The Sequence API uses a number of safeguards against bursts of incoming traffic to help maximise its stability. Users who send many requests in quick succession might see error responses that show up as status code 429.

Sequence allows up to 100 API requests per minute, per Authorization token.

Treat these limits as maximums and don’t generate unnecessary load. If you suddenly see a rising number of rate limited requests, please contact support.

We may reduce limits to prevent abuse, or increase limits to enable high-traffic applications. To request an increased rate limit, please contact support.