For security, all Charge API requests require authentication with API keys. You can view and manage your API keys in the Charge Dashboard.
  • Keys determine environment: ch_sk_test_ for testing, ch_sk_live_ for production
  • Restricted API keys available for granular permissions
AUTHENTICATED REQUEST
# Authentication using Bearer token header
curl https://api.chargeapi.co/v1/accounts \
    -H "Authorization: Bearer ch_sk_test_4eC39HqLyjWDarjtT1zdp7dc"

Security Best Practices

  • HTTPS Only: All API requests must use HTTPS
  • Rotate regulary your API keys.
  • Keep your secret keys secure! Never commit them to source control repositories, include them in client-side code, or expose them in public-facing applications.