Anchor API uses API keys to authenticate requests. All requests must be made over HTTPS and authenticated over standard HTTP basic authentication. You need to pass the TEST or PROD_PLAYGROUND OR PROD API key in the header. You can view and manage your API keys on the Anchor Dashboard.

All API requests are authenticated with an API key with the following request header format:

curl --location --request GET '<base_url>/v1/api/v1/customer' \
--header 'x-anchor-key;'


API keys must be kept secret

They should not be in your client-side code or checked into your application's code or commit your API keys to git.

All API requests must be made over HTTPS.



An invalid, missing or expired api key will result in HTTP 401 Unauthorized responses.