ImpactAPI Documentation
    • Introduction
    • Quick Start
    • Authentication
    • Donation Sessions
    • Error Handling
    • Pagination
    • Metadata
    • Endpoints
    • Customers
    • Donation Intents
    • Donation Sessions
    • Vendors
    • Campaigns
API Version: v1.0
Back to dashboard
ImpactAPI Documentation

Authentication

Learn how to authenticate your requests to the ImpactAPI using API keys.

API keys

The ImpactAPI uses API keys for authentication. You can generate and manage your API keys from your dashboard.

Security best practices
  • Keep your API keys secure and never expose them in client-side code
  • Use environment variables to store API keys in your applications
  • Rotate your API keys regularly

Authentication method

Include your API key in the Authorization header of your requests:

curl -X POST "https://testing.impactapi.co/donation_intents" \
-H "Authorization: Bearer YOUR_API_KEY_HERE" \
-H "Content-Type: application/json" \
-d '{
  "intents": [
    {
      "amount": 100,
      "campaign_identifier": "trees-for-the-future"
    }
  ]
}'

Authentication errors

If authentication fails, you'll receive one of the following error responses:

401Unauthorized
{
  "error": {
    "code": "auth.unauthorized",
    "message": "Unauthorized",
    "correlation_id": "550e8400-e29b-41d4-a716-446655440000"
  }
}
403Forbidden
{
  "error": {
    "code": "auth.forbidden",
    "message": "Access forbidden",
    "correlation_id": "550e8400-e29b-41d4-a716-446655440000"
  }
}