Just launched
We're actively working on new content and improvements to our documentation. We'd love to hear your thoughts, launch quick survey
Paddle Billing
Search
Home
Concepts
Build
Errors
Webhooks
API reference
Paddle.js
Changelog
API reference

Authentication

Use Bearer authentication when making requests to the Paddle API. Get a key from Paddle > Developer Tools > Authentication.

All requests to the Paddle API require authentication unless explicitly stated. The API uses Bearer authentication.

To authenticate, pass your Paddle API key using the Bearer header. For example:

1
1Authorization: Bearer bb4e69088ea07a98a90565ac610c63654423f8f1e2d48b39b5

To avoid exposing your API key and other sensitive data, do not make requests to the Paddle API directly from your frontend. Build functionality into your backend to handle requests and serve just the information you need to your frontend.

Entities in the API have an Access-Control-Allow-Origin header to block access from browsers.

Get an API key

To create and manage API keys, go to Paddle > Developer Tools > Authentication. Follow the instructions under the "Generate Auth Code" section.

Treat your API key like a password. Keep it safe and never share it with apps or people you don't trust.

It's good practice to refresh your API keys periodically and revoke keys that you're no longer using.

Test authentication

The quickest way to test your authentication is to send a request to the /event-types endpoint. This returns a list of the types of events that are included in the event stream. It returns data even if you haven't created any entities in Paddle yet.

GEThttps://api.paddle.com/event-types
cURL request
1
1curl https://api.paddle.com/event-types -H "Authorization: Bearer bb4e69088ea07a98a90565ac610c63654423f8f1e2d48b39b5"

Response

If successful, you should get a response that includes a data array and a meta object.

200 OK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
1{
2  "data": [
3    {
4      "name": "transaction.billed",
5      "description": "Occurs when a transaction is billed. Its status field changes to billed and billed_at is populated.",
6      "group": "Transaction",
7      "available_versions": [
8        1
9      ]
10    },
11    {
12      "name": "transaction.canceled",
13      "description": "Occurs when a transaction is canceled. Its status field changes to canceled.",
14      "group": "Transaction",
15      "available_versions": [
16        1
17      ]
18    },
19    {
20      "name": "transaction.completed",

If unsuccessful, Paddle returns a 403 error with information about what went wrong and how to troubleshoot.

Related pages

Versioning
Read more
Errors
Read more
On this page

Sign up to get notified when our API changes

Absolutely no marketing emails, we promise.

Paddle Logo
Privacy
Terms
Paddle.com Market Ltd. © 2012—2023