Access Token API
The Access Token API exchanges your API keys for a short-lived token that you include in every subsequent request to confirm your identity.
For a merchant, API keys are unique to each sales unit and act as your credentials when authenticating API requests. They are sometimes referred to as merchant keys to distinguish them from other key types.
API keys are exchanged for an access token, which must then be included in every API request.
How do I get started?​
Most users have standard API keys (also called merchant keys or merchant sales unit keys). If that's you, select the Merchant keys tab below and follow the guide for your API.
What kind of keys do I have?
If you're not sure which key type you have, use this table:
| Key type | Description |
|---|---|
| Merchant keys | Standard API keys provided to a merchant, allowing access to their sales unit. Used by merchants and sometimes by partners acting on a merchant's behalf. |
| Partner keys | Elevated API keys provided to large partners, allowing access to all their merchants' sales units. Used by partners acting on behalf of all their merchants. |
| Accounting keys | Specialty keys provided to accounting partners, giving them access to the Report API for one of their merchants' sales units. |
| Merchant-level keys | Specialty keys provided to Donations product users, allowing them to review their donations proceeds. |
- Merchant keys
- Partner keys
- Accounting keys
- Merchant-level keys (Donation keys)
Merchant keys always use standard authentication.
Partner keys always use standard authentication.
Accounting keys always use specialized authentication and give access to one API:
Merchant-level keys are currently only used for Donations. These use specialized authentication.
- Donations API
- Report API (for Donations reporting)
- Webhooks API (for Donations webhooks)
Each API's quick start guide covers authentication as part of the setup — you don't need to read the rest of this section first. Select your API above and follow the guide.