Authentication
PLATFORM_NAME uses two authentication styles:
| Style | Header | Used for |
|---|---|---|
| API key | Authorization: Api-Key … | Create payment, Get payment by id, Refunds — server-to-server integrations |
| Dashboard session | Authorization: Token … | Organization & merchant, Payment links — logged-in merchant web app |
Payment links cannot be created with an API key; they require a dashboard session (Payment links (dashboard)).
API key
Create and rotate your organization API key in the dashboard: Organization → API & Webhooks.
Send the key in the request header:
Authorization: Api-Key <your_api_key>
or:
Api-Key: <your_api_key>
Dashboard session (Token)
After signing in to the merchant dashboard, the web app stores an access token (e.g. cookie) and sends:
Authorization: Token <access_token>
Use this for organization profile, API key management UI, webhooks, and payment link CRUD. See Organization & merchant.
Scopes
API keys can be limited by scope. Assign scopes when creating or rotating a key in the dashboard.
| Scope | Allows |
|---|---|
checkout:create | POST /api/checkout/create/ |
payments:read | GET /api/transactions/{id}/, GET /api/refunds/, GET /api/refunds/{id}/ |
payments:write | Create refunds (POST /api/transactions/{id}/refund/) — alias for refund write |
refunds:read | List and get refunds |
refunds:write | Create refunds |
An empty scope list on a key means all scopes are enabled (legacy behavior).
Refund API does not require 2FA — only a valid API key with refunds:write or payments:write. Dashboard refunds still require an email verification code.
Example (API key)
curl -X POST "https://api.sandbox.nd8.com/api/checkout/create/" \
-H "Authorization: Api-Key YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"billing_country": "US",
"billing_postal_code": "10001",
"billing_first_name": "Jane",
"billing_last_name": "Doe",
"billing_email": "jane@example.com",
"currency": "USD",
"products": [{"id": "prod_xxx", "quantity": 1}]
}'
Supported charge currencies are USD and EUR only (Currencies).
See also: Currencies (USD & EUR) · Refunds · Organization & merchant · API Reference