❗️

This information will change when using v2.0 in production.

We have outlined how Authentication will change for v2.0 below and will provide further updates to this page.

Fidel API accounts have test and live API secret keys. To change environments just use the appropriate key to get a live or test object. You can find your API keys on the account page of your Fidel API dashboard.

📘

Key Types

For each environment, test, or live you will have one public and one secret API key.
Your API public keys always start with pk and the secret keys always start with sk.

Authenticate your API requests by including your test/live API secret key in the request header. Create an HTTP header named fidel-key and set your secret key as the value.

curl -X GET \
  https://api.fidel.uk/v1/transactions/85cdb967-5c5d-45e3-afdd-d0a9e792bf0f \
  -H 'content-type: application/json' \
  -H 'fidel-key: sk_test_50ea90b6-2a3b-4a56-814d-1bc592ba4d63'

Upcoming breaking change

During 2024 Q1 we will launch an authentication endpoint for Authentication that will return an expirable jwt containing claims that the client can use as an authentication mechanism for our APIs. This authentication mechanism is standard across client-server interactions. This will be part of the required authentication method for the Fidel API v2.0 production instance.

The process will have the following steps:

• Client requests a token from the Authentication endpoint with a request containing the client_id and client_secret.
• The Authentication will respond with a jwt token with appropriate claims that the client should include in the Authentication header with the Bearer format.
• Since the token will be expirable, the access renewal can be achieved through requesting a new token or through the usage of a refresh token.