Since our API uses Bearer Authentication you have to request a token before you can do anything else. To do this, call our authentication endpoint using basic Authentication.

It is recommended to create an Application to use for Authentication, when doing so your Application Id is the username, and the Secret Key is the password. Read more Application Authentication.

We still support using your Merchant Id as the username and its Secret Key is the password.

🚧

Heads Up!

Don't try to use JSON as a post body, it won't work. You need to use form-data for this one.

📘

API Keys

PS, if you're currently logged in to the portal, conveniently your sandbox API keys for are below:

> Test Merchant ID: USER  
> Test Secret Key: PASS

You can also find these keys here: https://web.getpinch.com.au/api-keys