The Super Payments API uses API keys to authenticate requests. You can view and manage your API keys in the Business Portal.

We expect the Authorization header to be populated with your API key.

Your secret keys have the prefix PSK_. They carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.



Starting from v2024-02-01 the checkout-api-key header is no longer supported. Please populate the standard Authorization header instead with your API key.


When creating new API keys, a brand must be selected.


Manual API Integration

Ensure the same brand ID is specified when interacting with the payments, refunds and rewards API's.

The relevant brand ID can be retrieved from the Developers, API keys section on the business portal.


Viewing brand ID's