Authentication - Acclaim

All requests to the Acclaim API require authentication using an API key. API keys are used to identify and authorize requests made by your organization. You can create and manage your API keys in the Acclaim Console under Settings → Developers → API Keys.

API Keys

Acclaim provides two types of keys:

Type	Usage	Example
Secret key	Used for server-side API requests. Must be kept private.	`sk_live_ABC123...`
Publishable key	Used in client-side integrations (for example, embeddable payee forms).	`pk_live_DEF456...`

Secret keys allow full access to your account and must never be exposed in client code, logs, or version control.

Authorization Header

Include your secret API key as a Bearer token in the Authorization header when making requests:

Text

Authorization: Bearer sk_live_ABC123

Environment

The same API endpoint is used for both sandbox and production requests:

Text

https://api.withacclaim.com/v1

Sandbox and production environments are isolated by key — sandbox keys begin with sk_test_, while live keys begin with sk_live_.

Example

cURL

curl https://api.withacclaim.com/v1/wallets \
    -H "Authorization: Bearer sk_test_12345" \
    -H "Content-Type: application/json"

Best Practices

Rotate API keys periodically.
Limit key permissions to only what’s required.
Revoke unused keys immediately.
Never embed secret keys in client-side or mobile applications.

Documentation Index

​API Keys

​Authorization Header

​Environment

​Example

​Best Practices

API Keys

Authorization Header

Environment

Example

Best Practices