Anchor API uses API keys to authenticate requests. All requests must be made over HTTPS and authenticated over standard HTTP basic authentication. So will API requests sent without a valid API key.

Create API Key

API keys can be created, viewed and managed in the Anchor dashboard on the Settings > Developers > API keys screen.

You can create an API key by specifying a name, environment, expiration and permission (read-only, modify, or write)

All API requests are authenticated with an API key with the following request header format:

curl --location --request GET '<base_url>/v1/api/v1/customer' \
--header 'x-anchor-key;'



An invalid, missing or expired api key will result in HTTP 401 Unauthorized responses.

They should not be in your client-side code or checked into your application's code or commit your API keys to git.