The Railz API uses API keys to authenticate requests. You can view and manage your API keys in the Railz Dashboard™.
Sandbox mode secret keys have the prefix SB_ and Production mode secret keys have the prefix ID_.
Secure your API Keys
Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
Authentication to the API is performed via HTTP Basic Authentication on the Get Access Token endpoint. Provide your API identifier client_id
as the basic auth username and secret key secret_key
as the password, Base64 encoded.
The response will provide you with an access_token
that you can use with the endpoints described in this reference documentation.
An
access_token
is valid for 60 minutes. We advise that you establish a plan to refresh theaccess_token
before it expires in case your service is running standalone.
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
Railz expects the API key to be included in all API requests to the server with an Authorization header.
Authorization: Bearer your_api_key
Admin and Developer users can view and generate API keys from the Railz Dashboard™.
You must replace
your_api_key
with your API key.