Skip to main content
For the complete documentation index, see llms.txt.

API Key Authentication

All Shakesco API requests require authentication using bearer tokens, regardless of which API product you’re using.

Getting Your API Key

1

Create account

Sign up at users.shakesco.com
2

Get API key

Navigate to API Tokens in your dashboard and generate a key

Using Your API Key

Include your API key in the Authorization header for all requests: 
Authorization: Bearer YOUR_API_KEY
Payment Links / Invoices example: 
const response = await fetch("https://payments.shakesco.com/invoices", {
  method: "POST",
  headers: {
    Authorization: "Bearer uHdONhRNd98285c4...",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    // request body
  }),
});
Loyalty Tokens example: 
const response = await fetch("https://tokens.shakesco.com/claim-tokens", {
  method: "POST",
  headers: {
    Authorization: "Bearer uHdONhRNd98285c4...",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    // request body
  }),
});
Auto-Payments example: 
const response = await fetch("https://payments.shakesco.com/request", {
  method: "POST",
  headers: {
    Authorization: "Bearer uHdONhRNd98285c4...",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    // request body
  }),
});

API Products & Base URLs

API ProductBase URLGet Started
Payment Linkshttps://payments.shakesco.comInvoice API
Loyalty Tokenshttps://tokens.shakesco.comTokens API
Auto-Paymentshttps://payments.shakesco.comDeploy guide

Security Best Practices

Never embed your API key in browser or mobile-client code. Shakesco APIs are designed for server-to-server calls only. A leaked key lets anyone act as your business until you rotate it.
Recommended:
  • Always call Shakesco APIs from your backend, never from a browser or mobile app
  • Store API keys in environment variables on your server
  • Rotate keys periodically
  • Never commit keys to version control
Example with environment variables: 
const API_KEY = process.env.SHAKESCO_API_KEY;

const response = await fetch("https://payments.shakesco.com/invoices", {
  headers: {
    Authorization: `Bearer ${API_KEY}`,
  },
});

Testing

For Auto-Payments you can verify integration without charges using the test endpoints:
  • /delegate_address: Get test user address
  • /buss_delegate_address: Get test business address

Authentication Errors

401 Unauthorized Missing or invalid API key: 
{
  "error": "Unauthorized"
}
Solutions:
  • Verify API key is correct
  • Check Bearer prefix is included
  • Ensure the key is active in your dashboard
403 Forbidden Valid API key but insufficient permissions: 
{
  "error": "Forbidden"
}
Solutions:
  • Verify the account is fully set up
  • Ensure .sns username is registered (for payment links)