Authentication

Learn about Digital River API authentication.

The Digital River API authenticates requests using API keys.

Digital River provides secret keys (tokens) for live and test mode keys for the Digital River API. Each secret key uses a prefix. Use the sk_test_ prefix for test mode secret keys and the sk_ prefix for live mode secret keys. If you want to apply additional restrictions to access and permissions, you can use restricted API keys.

Important: Limit access to your API keys and secret keys to those who need them. Do not store them in a version control system.

The Java library automatically sends your API key in each request when you assign the API key to DigitalRiver.apiKey.

You must send all API requests over HTTPS. Calls sent over plain HTTP will fail. Sending an API request without authentication automatically fails.

Obtaining Digital River API credentials

Contact your Account or Sales Representative to sign up for a Dashboard account. You will receive an invitation by email when your account is activated. Go to the Digital River Dashboard to view and manage your Digital River API keys.