Learn how to authenticate with the Notch Pay API and secure your integration
test_
prefix.All transactions made with test API keys don’t affect your live data and are only visible in test mode.pk_
) are used for client-side operations that don’t require access to sensitive data. These keys can be safely included in your frontend code.Example: pk_test_123456789abcdef
Use for: Creating payment sessions, initializing the Notch Pay SDK in client-side codeAuthorization
header:
X-Grant
header with your private key:
X-Sync
header:
Keep Keys Secure
Use Environment Variables
Implement Access Controls
Rotate Keys Regularly
Use Test Keys for Development
Error | Description | Solution |
---|---|---|
401 - API key missing | No API key was provided | Include your API key in the Authorization header |
401 - Invalid API key | The API key is incorrect or revoked | Check that you’re using the correct API key |
403 - Missing grant key | Advanced authentication required | Include your private key in the X-Grant header |
403 - Invalid grant key | The private key is incorrect | Verify your private key is correct |
404 - Sync account not found | Invalid sync account ID | Check that the sync account exists and you have access to it |