Authenticate your account when using the API by including your secret API key in the request. You can manage your API keys in the Hips Dashboard. Your API keys carry many privileges, so be sure to keep them secret! Do not share your secret API keys in publicly accessible areas such GitHub, client-side code, and so forth.

Choose one of the following authentication methods. For in-house direct one-to-one merchants we recommend authenticating using basic access authentication (HTTP Basic Auth).

For multitenancy software such as e-commerce providers we recommend using OAuth 2.0 for API key exchange for a better customer experience.


A happy transaction is an authenticated transaction!

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.