auth_check

POST /auth_check

Validates a merchant's API key pair without performing any order operation. Use this endpoint to confirm that a public/secret key combination is correct before integrating or after rotating keys.

Credentials are supplied via HTTP Basic Authentication: the public key (merchant_pk) as the username and the secret key (merchant_sk) as the password.

Rate limit: 5 requests per IP every 10 minutes. Exceeding this limit returns 429 Too Many Requests with a Retry-After header indicating when the next request will be accepted.

Responses

Credentials are valid. Returns the merchant's internal ID and display name.

application/json

Schema
Example (from schema)

Schema

data object

Merchant details for the authenticated API key pair.

merchant_name stringrequired

Display name of the authenticated merchant.

message stringrequired

status object

type stringrequired

code integerrequired

error booleanrequired

{
  "data": {
    "merchant_name": "Acme Corp"
  },
  "message": "API Keys are valid",
  "status": {
    "type": "success",
    "code": 200
  },
  "error": false
}

Authentication failed — credentials missing or incorrect.

application/json

Schema
Example (from schema)

Schema

message stringrequired

status object

type stringrequired

code integerrequired

error booleanrequired

{
  "message": "Authentication Failed",
  "status": {
    "type": "fail",
    "code": 401
  },
  "error": true
}

Rate limit exceeded. Retry after the duration indicated in the Retry-After header.

application/json

Schema
Example (from schema)

Schema

message stringrequired

{
  "message": "Rate limit exceeded, retry in 1 minute"
}

auth_check

/auth_check

Responses​

Responses