The Groov API uses API keys to authenticate requests. You can view and manage your API keys in your Groov Dashboard account.

Test API keys have the prefix pk-test- and live mode api keys have the prefix pk-live-.

Your API keys carry many privileges. Follow best practices to keep your keys safe. Don’t embed API keys in source code or client-side applications. Instead, use your server platform’s secrets vault to provide keys to your server-side applications. If your platform doesn’t offer a secrets vault, set your keys in environment variables.

Make all API requests over HTTPS. Calls made over plain HTTP fail. API requests without authentication also fail.