The SureCart API uses API tokens to authenticate requests. You can view and manage your API tokens in your dashboard.

Your API tokens carry many privileges, so be sure to keep them secure! Do not share your secret API tokens in publicly accessible areas such as GitHub, client-side code, and so forth.

Authentication to the API is performed via bearer auth, use -H "Authorization: Bearer YOUR-API-KEY" to authenticate.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.

Private & Public Endpoints

The SureCart API is composed of private and public endpoints. Private endpoints require use of your secret API token, and public endpoints require use of your public API token.

All public endpoints are denoted with (Public) in the name of the endpoint.