The Payluk API uses API keys to authenticate requests. You can view, create, and manage your API keys from the Payluk Dashboard.
Each API request must include your secret API key in the Authorization header. Requests made without valid authentication will be rejected.
API Keys
Payluk provides separate API keys for different environments:
- Sandbox keys are used for testing and development
- Live keys are used for production transactions
Always ensure you are using the correct API key for the environment you are working in.
For enhanced security, merchants may also apply additional restrictions such as IP whitelisting from the dashboard.
Authentication Header
All authenticated requests must include the following HTTP header:
Authorization: Bearer YOUR_SECRET_KEY