Quick Start
How it works
Basic Authentication requires you to include anAuthorization header with every request. The header value consists of the word “Basic” followed by a space and a base64-encoded string of your credentials.
Format
Credential encoding
Your credentials should be formatted asapi_key:api_key and then base64-encoded.
1
Format your credentials
Take your API key and format it as:
your_api_key:your_api_key2
Encode with base64
Encode the formatted string using base64 encoding
3
Add to Authorization header
Include the encoded string in your request headers as:
Authorization: Basic ENCODED_STRINGExample
Let’s say your API key issk_live_abc123. Here’s how you’d construct the Authorization header:
Getting your API key
Quickbutik Control Panel
API keys can be generated and managed in the Quickbutik Control Panel by the store owner.Navigate to Settings → API to create and manage your API keys.
Security best practices
Keep your API keys secure
- Never expose API keys in client-side code
- Use environment variables to store API keys
- Rotate API keys regularly
- Only grant necessary permissions
Migration from legacy authentication
Before (Legacy - Deprecated)
After (Current)
Error responses
When authentication fails, you’ll receive a401 Unauthorized response:
- Missing
Authorizationheader - Invalid API key
- Malformed base64 encoding
- Using HTTP instead of HTTPS