Ravelin uses API keys and token authentication to allow access to our APIs.

Your API keys can be found under the API Keys tab in the Developer section of the dashboard.

Your Secret API Keys should be used when sending requests to and will either have the prefix sk_ or secret_key_. You should include your Secret API Key in the Authorization header of all requests to in the format: Authorization: token sk_live_your_secret_key. All requests should be made using HTTPS.

For example:

curl ""
    -H "Authorization: token sk_live_your_secret_key"
    -X POST

Your Publishable API Keys (and, if provided, your Public RSA Keys) should be used by ravelinjs and the Mobile SDK docs (iOS, Android). Your Publishable API Keys will either have the prefix pk_ or publishable_key_.

Keys for use with your sandbox account include the term _test_, while keys for use with your live account include the term _live_. Your sandbox keys can be accessed in the same API Keys tab in the Developer section of the dashboard, when you’ve switched to your sandbox account from the account menu.

You can request for new API keys to be generated by contacting your account manager.


© Ravelin Technology Ltd. All rights reserved