Authentication

Authentication

TPP API uses API keys (opens in a new tab) to authenticate requests. You can view and manage your API keys in the TPP Dashboard (opens in a new tab).

Test mode secret keys have the prefix tpp_test_ and live mode secret keys have the prefix tpp_live_.

⚠️ Your API keys carry many privileges, so be sure to keep them secure. Don't share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

Authentication to the API is performed with HTTP Basic Auth (opens in a new tab). Provide your API key as the basic auth username value. You don't need to provide a password.

If you need to authenticate with bearer auth, for example, for a cross-origin request, use -H "Authorization: Bearer tpp_test_your_key" instead of -u tpp_test_your_key.

You must make all API calls over HTTPS (opens in a new tab). Calls that you make over plain HTTP will fail. API requests without authentication will also fail.

Auth example

const Tpp = require('tpp');
const TPP = tpp('tpp_test_51NzOdeBtLuV8NhwztptyfcX1kJAxfV6DoxQ22oxZjHyHoWRZVaQwtuvBPbgccEUx1Usd2mDzO7zjBtcztMOMi1PX00Ps2GTMV4');
 
var customer = await tpp.customers.retrieve(
  'cu_1O8iq4BtLuV8NhwzqHi4ZZmw',
  {
    apiKey: 'tpp_test_51NzOdeBtLuV8NhwztptyfcX1kJAxfV6DoxQ22oxZjHyHoWRZVaQwtuvBPbgccEUx1Usd2mDzO7zjBtcztMOMi1PX00Ps2GTMV4'
  }
);
IntroductionIntegration