Skip to content
Paddle Classic
You're viewing guides for Paddle Classic, which is no longer available for new signups. Head to developer.paddle.com for Paddle Billing guides.

Authentication

The Paddle Invoice API uses API keys to authenticate requests. All requests require authentication unless explicitly stated.

To authenticate, pass a Paddle API key using the Bearer header. For example:

Authorization: Bearer c41b1272a3ad751dc4b29543763886e

You can create and manage API keys from your Paddle dashboard under Developer Tools > Authentication.

Keep your API keys safe

Section titled “Keep your API keys safe”

API keys grant access to the data in your Paddle system. Treat them like a password.

It’s good practice to refresh your API keys periodically and revoke keys that you’re no longer using.

HTTPS only

Section titled “HTTPS only”

For security, the API only accepts requests made over HTTPS.

Test authentication

Section titled “Test authentication”

The quickest way to test your authentication is to send a request to the customers endpoint using cURL.

Open a Terminal window and run the command below, replacing {api key} with your API key:

Terminal window
curl https://api.paddle.com/customers
   -H "Authorization: Bearer {api key}"

If successful, you should get a response that looks something like this:

Status: 201
{
  "data": [
    {
      "id": "ctm_31kmsg7LfRKYp19gtRLtkn",
      "name": "Ann Veal",
      "email": "sample@paddle.com",
      "marketing_consent": false,
      "status": "active",
      "created_at": "2023-10-12T07:20:50.52Z"
    }
  ],
  "meta": {
    "pagination": {
      "per_page": 1,
      "estimated_total": 999,
      "next": "api.paddle.com/customer?after=ctm_31kmsg7LfRKYp19gtRLtkn",
      "has_more": true
    }
  }
}

If not, you’ll get a 401 or 403 error response. Check your key and try again.