Authentication
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude

The Easypay API uses API Key authentication to secure server-to-server requests.

How It Works

All API requests must include two HTTP headers:

AccountId: <YOUR_ACCOUNT_ID>
ApiKey: <YOUR_API_KEY>

These credentials authenticate your application and authorize access to your Easypay account resources.

Getting Your Credentials

To create credentials for your account:

Log in to your Easypay account
Follow this guide to generate your API keys

Test Credentials

For development and testing, you can use these credentials:

AccountId: 2b0f63e2-9fb5-4e52-aca0-b4bf0339bbe6
ApiKey: eae4aa59-8e5b-4ec2-887d-b02768481a92

Important:

These credentials only work in the test environment
They will not work in production
Never use production credentials in your test environment

Authentication Errors

When authentication headers are missing or incorrect, the API returns a 403 Forbidden HTTP status code.

Common Authentication Errors

Missing Headers

{
  "status": "error",
  "message": "Authentication Error: Missing AccountId or ApiKey headers"
}

Invalid Credentials

{
  "status": "error",
  "message": "Authentication Error: Invalid AccountId or ApiKey"
}

Account Blocked

{
  "status": "error",
  "message": "Authentication Error: Your account has been blocked"
}

Insufficient Permissions

{
  "status": "error",
  "message": "Authentication Error: Insufficient permissions for this action"
}

Example Request

Here's an example of a properly authenticated request:

curl -L -X GET 'https://api.test.easypay.pt/2.0/single/5eca7446-14e9-47bb-aabb-5ee237159b8b' \
  -H 'AccountId: 2b0f63e2-9fb5-4e52-aca0-b4bf0339bbe6' \
  -H 'ApiKey: eae4aa59-8e5b-4ec2-887d-b02768481a92'

Security Best Practices

Keep Credentials Secret: Never expose your API keys in client-side code, public repositories, or logs
Use Environment Variables: Store credentials in environment variables, not in your source code
Rotate Keys Regularly: Periodically regenerate your API keys
Use Different Keys: Use separate keys for test and production environments
Monitor Usage: Regularly review API usage logs for suspicious activity

Next Steps

Environments - Learn about test and production environments
Error Handling - Handle authentication and other errors
Quick Start - Make your first authenticated API call

AuthenticationCopyCopy for LLMCopy page as Markdown for LLMsView as MarkdownOpen this page as MarkdownOpen in ChatGPTGet insights from ChatGPTOpen in ClaudeGet insights from Claude