Our API is based on a single endpoint architecture approach. The specific operations are determined from the requests sent to this endpoint.
1app authenticates your API requests using your account’s API keys. If you do not include your key when making an API request or use one that is incorrect or outdated, 1app returns an error.
Every account created on 1app has a priviledge to generate two kinds of API keys:
Your secret keys are to be kept secret and only stored on your servers, preferably as an environment variable. Do not include them in your GitHub repository, or use them in client-side code.
If for any reason, you believe your secret key has been compromised, you can reset them from the dashboard
All API requests must be made over HTTPS. All API calls to 1app endpoints require authorization. Any requests made without authorization will fail.
Authorization: "Bearer YOUR_SECRET_KEY"
Authorization: "Bearer YOUR_PUBLIC_KEY"
Authorization: Bearer 1applive_sk_0a21husgdsyda2dbaa329a9876c917
All API requests exist in either test or live mode, and one mode cannot be manipulated by data in the other.