Authenticate your requests to the Unzer API.
After you sign your Unzer contract, you get four API keys:
- Your sandbox public key (e.g.
- Your sandbox private key (e.g.
- Your production public key (e.g.
- Your production private key (e.g.
Your API keys are configured with permissions valid for your specific account. They are tied to you as a merchant.
|Key||Infix||Sandbox key example||Production key example|
Depending on the resource and method used, you either need your public key or your private key to authenticate your request.
For details on which features require a public key or a private key, go to: Authentication reference.
Your private key has multiple permissions. Make sure you keep it safe.
Never make your private key accessible on the web.
If your private key has been compromised, contact us to change it.
HTTP basic authentication requires a username and password. In the Unzer API, the username is your API key, and the password is empty:
- Username: your API key
To provide an empty password, add a colon (
:) at the end of your key, like this:
Remember to encode your API key with a Base64 encoder:
curl https://api.unzer.com/v1/payments/charges \ -u s-priv-xxxxxxxxxx:
var heidelpay = new Heidelpay('s-priv-xxxxxxxxxx');
Heidelpay heidelpay = new Heidelpay("s-priv-xxxxxxxxxx")
// In PHP you do not need to hash the secret key because it is done for you. // You can just create the Heidelpay object and pass your private key as parameter one $heidelpay = new Heidelpay('s-priv-xxxxxxxxxx', SupportedLocale::GERMAN_GERMAN);