Authentication
You'll need to authenticate your requests to call any of the endpoints in the 1ClickImpact API. In this guide, we'll look at how authentication works.
The 1ClickImpact API uses API keys to authenticate requests. You can view and manage your API keys in the 1ClickImpact Account. Sandbox environment (test mode) secret keys are different from the production environment (live mode) secret keys. Your API keys track your identity for impact made and billing, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth. All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without keys will also fail.
API Key Authentication
The API key you use to authenticate requests differs depending on the environment:
Sandbox (Test Mode)
Use the sandbox API key, which begins with the prefix test_. This key is for testing and sandbox purposes and allows you to simulate API calls without affecting live data.
Production (Live Mode)
Use the production API key, which begins with the prefix live_. This key is for authenticating requests in the live production environment.
Make sure to use the appropriate key for each environment, as production and sandbox modes are isolated from each other.
Example requests with key auth
Sandbox Request
curl --location https://sandbox.1clickimpact.com/v1/whoami \
--header 'x-api-key: {SANDBOX API KEY}'
Production Request
curl --location https://api.1clickimpact.com/v1/whoami \
--header 'x-api-key: {PRODUCTION API KEY}'
Always keep your keys safe and refresh it if you suspect it has been compromised.