The Gigapay API uses API keys to identify and authenticate requests. You can request keys by contacting us at email@example.com. Note that you will receive separate sets of keys for the live and demo environment.
Your API keys carry many privileges, so be make sure you keep them secure. Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, etc.
Authorization to the API is performed through a token-based HTTP Authentication scheme. To authorize requests, include the
Integration-ID HTTP header. Note that the authentication key should be prefixed by the string literal "Token", with whitespace separating the two strings. For example:
curl https://api.gigapay.se/v2/payouts \-H "Authorization: Token 1vjv20ksxwvlpp3peize74ievjmx3e" \-H "Integration-ID: 650fd73ff5"
API requests without authentication will fail with the HTTP response code
403. API calls made over plain HTTP instead of HTTPS will also be rejected with the response code
The Gigapay API Supports IP-whitelisting. When requesting API-keys, let us know which IP:s you would like to restrict access. If IP-whitelisting is enabled, API requests made from a non-whitelisted IP will be rejected with HTTP response code